From 5399c1f27a776805e58305789cfad8aaf48d51fa Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Sat, 29 Oct 2022 05:21:17 +0000 Subject: [PATCH 01/18] chore: update to gapic-generator-python 1.5.0 feat: add support for `google.cloud..__version__` PiperOrigin-RevId: 484665853 Source-Link: https://github.com/googleapis/googleapis/commit/8eb249a19db926c2fbc4ecf1dc09c0e521a88b22 Source-Link: https://github.com/googleapis/googleapis-gen/commit/c8aa327b5f478865fc3fd91e3c2768e54e26ad44 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiYzhhYTMyN2I1ZjQ3ODg2NWZjM2ZkOTFlM2MyNzY4ZTU0ZTI2YWQ0NCJ9 --- owl-bot-staging/v1/.coveragerc | 17 + owl-bot-staging/v1/.flake8 | 33 + owl-bot-staging/v1/MANIFEST.in | 2 + owl-bot-staging/v1/README.rst | 49 + .../binauthz_management_service_v1.rst | 10 + .../docs/binaryauthorization_v1/services.rst | 8 + .../system_policy_v1.rst | 6 + .../v1/docs/binaryauthorization_v1/types.rst | 7 + .../validation_helper_v1.rst | 6 + owl-bot-staging/v1/docs/conf.py | 376 ++ owl-bot-staging/v1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 71 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../cloud/binaryauthorization_v1/__init__.py | 72 + .../gapic_metadata.json | 141 + .../cloud/binaryauthorization_v1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1057 ++++++ .../binauthz_management_service_v1/client.py | 1225 +++++++ .../binauthz_management_service_v1/pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 465 +++ .../transports/grpc_asyncio.py | 464 +++ .../services/system_policy_v1/__init__.py | 22 + .../services/system_policy_v1/async_client.py | 308 ++ .../services/system_policy_v1/client.py | 509 +++ .../system_policy_v1/transports/__init__.py | 33 + .../system_policy_v1/transports/base.py | 155 + .../system_policy_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../services/validation_helper_v1/__init__.py | 22 + .../validation_helper_v1/async_client.py | 285 ++ .../services/validation_helper_v1/client.py | 478 +++ .../transports/__init__.py | 33 + .../validation_helper_v1/transports/base.py | 154 + .../validation_helper_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../binaryauthorization_v1/types/__init__.py | 58 + .../binaryauthorization_v1/types/resources.py | 461 +++ .../binaryauthorization_v1/types/service.py | 317 ++ owl-bot-staging/v1/mypy.ini | 3 + owl-bot-staging/v1/noxfile.py | 179 + ...gement_service_v1_create_attestor_async.py | 58 + ...agement_service_v1_create_attestor_sync.py | 58 + ...gement_service_v1_delete_attestor_async.py | 50 + ...agement_service_v1_delete_attestor_sync.py | 50 + ...anagement_service_v1_get_attestor_async.py | 52 + ...management_service_v1_get_attestor_sync.py | 52 + ..._management_service_v1_get_policy_async.py | 52 + ...z_management_service_v1_get_policy_sync.py | 52 + ...agement_service_v1_list_attestors_async.py | 53 + ...nagement_service_v1_list_attestors_sync.py | 53 + ...gement_service_v1_update_attestor_async.py | 56 + ...agement_service_v1_update_attestor_sync.py | 56 + ...nagement_service_v1_update_policy_async.py | 56 + ...anagement_service_v1_update_policy_sync.py | 56 + ...ystem_policy_v1_get_system_policy_async.py | 52 + ...system_policy_v1_get_system_policy_sync.py | 52 + ...1_validate_attestation_occurrence_async.py | 54 + ...v1_validate_attestation_occurrence_sync.py | 54 + ...ippet_metadata_binaryauthorization_v1.json | 1465 ++++++++ .../fixup_binaryauthorization_v1_keywords.py | 184 + owl-bot-staging/v1/setup.py | 90 + .../v1/testing/constraints-3.10.txt | 6 + .../v1/testing/constraints-3.11.txt | 6 + .../v1/testing/constraints-3.7.txt | 11 + .../v1/testing/constraints-3.8.txt | 6 + .../v1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1/tests/__init__.py | 16 + owl-bot-staging/v1/tests/unit/__init__.py | 16 + .../v1/tests/unit/gapic/__init__.py | 16 + .../gapic/binaryauthorization_v1/__init__.py | 16 + .../test_binauthz_management_service_v1.py | 3039 +++++++++++++++++ .../test_system_policy_v1.py | 1396 ++++++++ .../test_validation_helper_v1.py | 1293 +++++++ owl-bot-staging/v1beta1/.coveragerc | 17 + owl-bot-staging/v1beta1/.flake8 | 33 + owl-bot-staging/v1beta1/MANIFEST.in | 2 + owl-bot-staging/v1beta1/README.rst | 49 + .../binauthz_management_service_v1_beta1.rst | 10 + .../binaryauthorization_v1beta1/services.rst | 7 + .../system_policy_v1_beta1.rst | 6 + .../binaryauthorization_v1beta1/types.rst | 7 + owl-bot-staging/v1beta1/docs/conf.py | 376 ++ owl-bot-staging/v1beta1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 65 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../binaryauthorization_v1beta1/__init__.py | 66 + .../gapic_metadata.json | 117 + .../binaryauthorization_v1beta1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1063 ++++++ .../client.py | 1231 +++++++ .../pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 469 +++ .../transports/grpc_asyncio.py | 468 +++ .../system_policy_v1_beta1/__init__.py | 22 + .../system_policy_v1_beta1/async_client.py | 309 ++ .../services/system_policy_v1_beta1/client.py | 510 +++ .../transports/__init__.py | 33 + .../system_policy_v1_beta1/transports/base.py | 155 + .../system_policy_v1_beta1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../types/__init__.py | 58 + .../types/continuous_validation_logging.py | 161 + .../types/resources.py | 461 +++ .../types/service.py | 241 ++ owl-bot-staging/v1beta1/mypy.ini | 3 + owl-bot-staging/v1beta1/noxfile.py | 179 + ..._service_v1_beta1_create_attestor_async.py | 58 + ...t_service_v1_beta1_create_attestor_sync.py | 58 + ..._service_v1_beta1_delete_attestor_async.py | 50 + ...t_service_v1_beta1_delete_attestor_sync.py | 50 + ...ent_service_v1_beta1_get_attestor_async.py | 52 + ...ment_service_v1_beta1_get_attestor_sync.py | 52 + ...ement_service_v1_beta1_get_policy_async.py | 52 + ...gement_service_v1_beta1_get_policy_sync.py | 52 + ...t_service_v1_beta1_list_attestors_async.py | 53 + ...nt_service_v1_beta1_list_attestors_sync.py | 53 + ..._service_v1_beta1_update_attestor_async.py | 56 + ...t_service_v1_beta1_update_attestor_sync.py | 56 + ...nt_service_v1_beta1_update_policy_async.py | 56 + ...ent_service_v1_beta1_update_policy_sync.py | 56 + ...policy_v1_beta1_get_system_policy_async.py | 52 + ..._policy_v1_beta1_get_system_policy_sync.py | 52 + ..._metadata_binaryauthorization_v1beta1.json | 1312 +++++++ ...up_binaryauthorization_v1beta1_keywords.py | 183 + owl-bot-staging/v1beta1/setup.py | 90 + .../v1beta1/testing/constraints-3.10.txt | 6 + .../v1beta1/testing/constraints-3.11.txt | 6 + .../v1beta1/testing/constraints-3.7.txt | 11 + .../v1beta1/testing/constraints-3.8.txt | 6 + .../v1beta1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1beta1/tests/__init__.py | 16 + .../v1beta1/tests/unit/__init__.py | 16 + .../v1beta1/tests/unit/gapic/__init__.py | 16 + .../binaryauthorization_v1beta1/__init__.py | 16 + ...st_binauthz_management_service_v1_beta1.py | 3039 +++++++++++++++++ .../test_system_policy_v1_beta1.py | 1396 ++++++++ 146 files changed, 31284 insertions(+) create mode 100644 owl-bot-staging/v1/.coveragerc create mode 100644 owl-bot-staging/v1/.flake8 create mode 100644 owl-bot-staging/v1/MANIFEST.in create mode 100644 owl-bot-staging/v1/README.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst create mode 100644 owl-bot-staging/v1/docs/conf.py create mode 100644 owl-bot-staging/v1/docs/index.rst create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py create mode 100644 owl-bot-staging/v1/mypy.ini create mode 100644 owl-bot-staging/v1/noxfile.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json create mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py create mode 100644 owl-bot-staging/v1/setup.py create mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1/tests/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py create mode 100644 owl-bot-staging/v1beta1/.coveragerc create mode 100644 owl-bot-staging/v1beta1/.flake8 create mode 100644 owl-bot-staging/v1beta1/MANIFEST.in create mode 100644 owl-bot-staging/v1beta1/README.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst create mode 100644 owl-bot-staging/v1beta1/docs/conf.py create mode 100644 owl-bot-staging/v1beta1/docs/index.rst create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py create mode 100644 owl-bot-staging/v1beta1/mypy.ini create mode 100644 owl-bot-staging/v1beta1/noxfile.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json create mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py create mode 100644 owl-bot-staging/v1beta1/setup.py create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1beta1/tests/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in new file mode 100644 index 0000000..25c03c6 --- /dev/null +++ b/owl-bot-staging/v1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst new file mode 100644 index 0000000..1d11618 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1 +--------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst new file mode 100644 index 0000000..d8423c9 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst @@ -0,0 +1,8 @@ +Services for Google Cloud Binaryauthorization v1 API +==================================================== +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1 + system_policy_v1 + validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst new file mode 100644 index 0000000..da7e2d4 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1 +-------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst new file mode 100644 index 0000000..f693b22 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst @@ -0,0 +1,7 @@ +Types for Google Cloud Binaryauthorization v1 API +================================================= + +.. automodule:: google.cloud.binaryauthorization_v1.types + :members: + :undoc-members: + :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst new file mode 100644 index 0000000..5d92ddc --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst @@ -0,0 +1,6 @@ +ValidationHelperV1 +------------------------------------ + +.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst new file mode 100644 index 0000000..5c33d39 --- /dev/null +++ b/owl-bot-staging/v1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1/services + binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..cd87c27 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,71 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient + +from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1.types.resources import Attestor +from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1.types.resources import Policy +from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote +from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse + +__all__ = ('BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..4a0253e --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py @@ -0,0 +1,72 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from .services.system_policy_v1 import SystemPolicyV1Client +from .services.system_policy_v1 import SystemPolicyV1AsyncClient +from .services.validation_helper_v1 import ValidationHelperV1Client +from .services.validation_helper_v1 import ValidationHelperV1AsyncClient + +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedGrafeasNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest +from .types.service import ValidateAttestationOccurrenceRequest +from .types.service import ValidateAttestationOccurrenceResponse + +__all__ = ( + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Client', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedGrafeasNote', +'ValidateAttestationOccurrenceRequest', +'ValidateAttestationOccurrenceResponse', +'ValidationHelperV1Client', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json new file mode 100644 index 0000000..1d349e7 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json @@ -0,0 +1,141 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1", + "protoPackage": "google.cloud.binaryauthorization.v1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + }, + "ValidationHelperV1": { + "clients": { + "grpc": { + "libraryClient": "ValidationHelperV1Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + }, + "grpc-async": { + "libraryClient": "ValidationHelperV1AsyncClient", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py new file mode 100644 index 0000000..eb79aec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Client +from .async_client import BinauthzManagementServiceV1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py new file mode 100644 index 0000000..1b08a59 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py @@ -0,0 +1,1057 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Client + + +class BinauthzManagementServiceV1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + _client: BinauthzManagementServiceV1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py new file mode 100644 index 0000000..077a95c --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -0,0 +1,1225 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[BinauthzManagementServiceV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Transport): + # transport is a BinauthzManagementServiceV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py new file mode 100644 index 0000000..2c7aa53 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py new file mode 100644 index 0000000..7ab66d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Transport +from .grpc import BinauthzManagementServiceV1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Transport', + 'BinauthzManagementServiceV1GrpcTransport', + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py new file mode 100644 index 0000000..b9b7fe3 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py new file mode 100644 index 0000000..0ee1346 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py @@ -0,0 +1,465 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): + """gRPC backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..f6be296 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py @@ -0,0 +1,464 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1GrpcTransport + + +class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py new file mode 100644 index 0000000..61a11e8 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Client +from .async_client import SystemPolicyV1AsyncClient + +__all__ = ( + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py new file mode 100644 index 0000000..2eb5323 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py @@ -0,0 +1,308 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport +from .client import SystemPolicyV1Client + + +class SystemPolicyV1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py new file mode 100644 index 0000000..0077daf --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -0,0 +1,509 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +class SystemPolicyV1ClientMeta(type): + """Metaclass for the SystemPolicyV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] + _transport_registry["grpc"] = SystemPolicyV1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[SystemPolicyV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Transport): + # transport is a SystemPolicyV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py new file mode 100644 index 0000000..feea8d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Transport +from .grpc import SystemPolicyV1GrpcTransport +from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] +_transport_registry['grpc'] = SystemPolicyV1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Transport', + 'SystemPolicyV1GrpcTransport', + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py new file mode 100644 index 0000000..2421893 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py new file mode 100644 index 0000000..91578cd --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): + """gRPC backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..893ef80 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1GrpcTransport + + +class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py new file mode 100644 index 0000000..5a441c1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import ValidationHelperV1Client +from .async_client import ValidationHelperV1AsyncClient + +__all__ = ( + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py new file mode 100644 index 0000000..45a238c --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py @@ -0,0 +1,285 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport +from .client import ValidationHelperV1Client + + +class ValidationHelperV1AsyncClient: + """BinAuthz Attestor verification""" + + _client: ValidationHelperV1Client + + DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT + + common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) + parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) + common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) + parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) + common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) + parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) + common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) + parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = ValidationHelperV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def validate_attestation_occurrence(self, + request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.validate_attestation_occurrence, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py new file mode 100644 index 0000000..0c635d1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -0,0 +1,478 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import ValidationHelperV1GrpcTransport +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +class ValidationHelperV1ClientMeta(type): + """Metaclass for the ValidationHelperV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] + _transport_registry["grpc"] = ValidationHelperV1GrpcTransport + _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[ValidationHelperV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): + """BinAuthz Attestor verification""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, ValidationHelperV1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, ValidationHelperV1Transport): + # transport is a ValidationHelperV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def validate_attestation_occurrence(self, + request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + # Minor optimization to avoid making a copy if the user passes + # in a service.ValidateAttestationOccurrenceRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ValidateAttestationOccurrenceRequest): + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py new file mode 100644 index 0000000..09986f1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import ValidationHelperV1Transport +from .grpc import ValidationHelperV1GrpcTransport +from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] +_transport_registry['grpc'] = ValidationHelperV1GrpcTransport +_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport + +__all__ = ( + 'ValidationHelperV1Transport', + 'ValidationHelperV1GrpcTransport', + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py new file mode 100644 index 0000000..afce65a --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py @@ -0,0 +1,154 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class ValidationHelperV1Transport(abc.ABC): + """Abstract transport class for ValidationHelperV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.validate_attestation_occurrence: gapic_v1.method.wrap_method( + self.validate_attestation_occurrence, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Union[ + service.ValidateAttestationOccurrenceResponse, + Awaitable[service.ValidateAttestationOccurrenceResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'ValidationHelperV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py new file mode 100644 index 0000000..1e208d8 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + + +class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): + """gRPC backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + service.ValidateAttestationOccurrenceResponse]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + ~.ValidateAttestationOccurrenceResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'ValidationHelperV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..8e3266d --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .grpc import ValidationHelperV1GrpcTransport + + +class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): + """gRPC AsyncIO backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Awaitable[service.ValidateAttestationOccurrenceResponse]]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + Awaitable[~.ValidateAttestationOccurrenceResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py new file mode 100644 index 0000000..cddd9b9 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedGrafeasNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, + ValidateAttestationOccurrenceRequest, + ValidateAttestationOccurrenceResponse, +) + +__all__ = ( + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py new file mode 100644 index 0000000..249e783 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py @@ -0,0 +1,461 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedGrafeasNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container + image binary authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: [a-z.-]+, e.g. 'some-namespace' + kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. 'test-ns:default' + istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-istio-service-identity + admission rules. Istio service identity spec + format: + spiffe:///ns//sa/ + or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default + default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + wildcard, but this is allowed only in text after the + ``registry/`` part. This also supports a trailing ``**`` + wildcard which matches subdirectories of a given entry. + """ + + name_pattern = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies + either that all container images used in a pod creation request must + be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1.Attestor], that all + pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (Sequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that + attests to container image artifacts. An existing attestor cannot be + modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): + This specifies how an attestation will be + read, and how it will be used during policy + enforcement. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + user_owned_grafeas_note = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedGrafeasNote', + ) + update_time = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedGrafeasNote(proto.Message): + r"""An [user owned Grafeas + note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] + references a Grafeas Attestation.Authority Note created by the user. + + Attributes: + note_reference (str): + Required. The Grafeas resource name of a + Attestation.Authority Note, created by the user, in the + format: ``projects/*/notes/*``. This field may not be + updated. + + An attestation by this attestor is stored as a Grafeas + Attestation.Authority Occurrence that names a container + image and that links to this Note. Grafeas is an external + dependency. + public_keys (Sequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference = proto.Field( + proto.STRING, + number=1, + ) + public_keys = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that + will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment = proto.Field( + proto.STRING, + number=1, + ) + id = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py new file mode 100644 index 0000000..146c289 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py @@ -0,0 +1,317 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from grafeas.v1 import attestation_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] value. + The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] field + with the resource name in the request URL, in the format + ``projects/*/policy``. + """ + + policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + attestor_id = proto.Field( + proto.STRING, + number=2, + ) + attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] to + retrieve, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + page_size = proto.Field( + proto.INT32, + number=2, + ) + page_token = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (Sequence[google.cloud.binaryauthorization_v1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] to + delete, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class ValidateAttestationOccurrenceRequest(proto.Message): + r"""Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + attestor (str): + Required. The resource name of the + [Attestor][google.cloud.binaryauthorization.v1.Attestor] of + the [occurrence][grafeas.v1.Occurrence], in the format + ``projects/*/attestors/*``. + attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): + Required. An + [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to + be checked that it can be verified by the Attestor. It does + not have to be an existing entity in Container Analysis. It + must otherwise be a valid AttestationOccurrence. + occurrence_note (str): + Required. The resource name of the [Note][grafeas.v1.Note] + to which the containing [Occurrence][grafeas.v1.Occurrence] + is associated. + occurrence_resource_uri (str): + Required. The URI of the artifact (e.g. container image) + that is the subject of the containing + [Occurrence][grafeas.v1.Occurrence]. + """ + + attestor = proto.Field( + proto.STRING, + number=1, + ) + attestation = proto.Field( + proto.MESSAGE, + number=2, + message=attestation_pb2.AttestationOccurrence, + ) + occurrence_note = proto.Field( + proto.STRING, + number=3, + ) + occurrence_resource_uri = proto.Field( + proto.STRING, + number=4, + ) + + +class ValidateAttestationOccurrenceResponse(proto.Message): + r"""Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): + The result of the Attestation validation. + denial_reason (str): + The reason for denial if the Attestation + couldn't be validated. + """ + class Result(proto.Enum): + r"""The enum returned in the "result" field.""" + RESULT_UNSPECIFIED = 0 + VERIFIED = 1 + ATTESTATION_NOT_VERIFIABLE = 2 + + result = proto.Field( + proto.ENUM, + number=1, + enum=Result, + ) + denial_reason = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py new file mode 100644 index 0000000..9dee1a0 --- /dev/null +++ b/owl-bot-staging/v1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py new file mode 100644 index 0000000..42f52bc --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py new file mode 100644 index 0000000..e51ea8d --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py new file mode 100644 index 0000000..42c7afa --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py new file mode 100644 index 0000000..e435188 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py new file mode 100644 index 0000000..61dbe83 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py new file mode 100644 index 0000000..7272538 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py new file mode 100644 index 0000000..287a39f --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py new file mode 100644 index 0000000..108d76c --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py new file mode 100644 index 0000000..2670d1a --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py new file mode 100644 index 0000000..d7eecc9 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py new file mode 100644 index 0000000..8f0bd69 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py new file mode 100644 index 0000000..38073e4 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py new file mode 100644 index 0000000..12fc571 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py new file mode 100644 index 0000000..d1ce288 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py new file mode 100644 index 0000000..3458ff1 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py new file mode 100644 index 0000000..9d84367 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py new file mode 100644 index 0000000..248502b --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py new file mode 100644 index 0000000..44cb427 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json new file mode 100644 index 0000000..5e15984 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json @@ -0,0 +1,1465 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", + "shortName": "SystemPolicyV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", + "shortName": "SystemPolicyV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", + "shortName": "ValidationHelperV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", + "shortName": "ValidationHelperV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py new file mode 100644 index 0000000..62deb91 --- /dev/null +++ b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py @@ -0,0 +1,184 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt new file mode 100644 index 0000000..aca9f2d --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py new file mode 100644 index 0000000..d628bd1 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1GrpcTransport, + ) + +def test_binauthz_management_service_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py new file mode 100644 index 0000000..39f62c7 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1GrpcTransport, "grpc"), + (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_client_get_transport_class(): + transport = SystemPolicyV1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Client, SystemPolicyV1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1GrpcTransport, + ) + +def test_system_policy_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_no_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_with_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py new file mode 100644 index 0000000..837321c --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py @@ -0,0 +1,1293 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from grafeas.v1 import attestation_pb2 # type: ignore +from grafeas.v1 import common_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.ValidationHelperV1GrpcTransport, "grpc"), + (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_validation_helper_v1_client_get_transport_class(): + transport = ValidationHelperV1Client.get_transport_class() + available_transports = [ + transports.ValidationHelperV1GrpcTransport, + ] + assert transport in available_transports + + transport = ValidationHelperV1Client.get_transport_class("grpc") + assert transport == transports.ValidationHelperV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + ValidationHelperV1Client, ValidationHelperV1AsyncClient +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_validation_helper_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = ValidationHelperV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ValidateAttestationOccurrenceRequest, + dict, +]) +def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + ) + response = client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +def test_validate_attestation_occurrence_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + client.validate_attestation_occurrence() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + )) + response = await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async_from_dict(): + await test_validate_attestation_occurrence_async(request_type=dict) + + +def test_validate_attestation_occurrence_field_headers(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = service.ValidateAttestationOccurrenceResponse() + client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_field_headers_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) + await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = ValidationHelperV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = ValidationHelperV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.ValidationHelperV1GrpcTransport, + ) + +def test_validation_helper_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_validation_helper_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'validate_attestation_occurrence', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_validation_helper_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_validation_helper_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport() + adc.assert_called_once() + + +def test_validation_helper_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + ValidationHelperV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.ValidationHelperV1GrpcTransport, grpc_helpers), + (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_no_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_with_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_validation_helper_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_validation_helper_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_common_billing_account_path(): + billing_account = "squid" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = ValidationHelperV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "clam", + } + path = ValidationHelperV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "whelk" + expected = "folders/{folder}".format(folder=folder, ) + actual = ValidationHelperV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "octopus", + } + path = ValidationHelperV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "oyster" + expected = "organizations/{organization}".format(organization=organization, ) + actual = ValidationHelperV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "nudibranch", + } + path = ValidationHelperV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "cuttlefish" + expected = "projects/{project}".format(project=project, ) + actual = ValidationHelperV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "mussel", + } + path = ValidationHelperV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "winkle" + location = "nautilus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = ValidationHelperV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "scallop", + "location": "abalone", + } + path = ValidationHelperV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + transport_class = ValidationHelperV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1beta1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1beta1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in new file mode 100644 index 0000000..dcb06b9 --- /dev/null +++ b/owl-bot-staging/v1beta1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1beta1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst new file mode 100644 index 0000000..22016d0 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1Beta1 +-------------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst new file mode 100644 index 0000000..0d0e455 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst @@ -0,0 +1,7 @@ +Services for Google Cloud Binaryauthorization v1beta1 API +========================================================= +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1_beta1 + system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst new file mode 100644 index 0000000..70a68bc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1Beta1 +------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst new file mode 100644 index 0000000..aa0d435 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst @@ -0,0 +1,7 @@ +Types for Google Cloud Binaryauthorization v1beta1 API +====================================================== + +.. automodule:: google.cloud.binaryauthorization_v1beta1.types + :members: + :undoc-members: + :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst new file mode 100644 index 0000000..787a5eb --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1beta1/services + binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..ad30948 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient + +from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor +from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import Policy +from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote +from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest + +__all__ = ('BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..39fdf61 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,66 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient + +from .types.continuous_validation_logging import ContinuousValidationEvent +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedDrydockNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest + +__all__ = ( + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Beta1Client', +'ContinuousValidationEvent', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Beta1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedDrydockNote', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json new file mode 100644 index 0000000..65f5f50 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json @@ -0,0 +1,117 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1beta1", + "protoPackage": "google.cloud.binaryauthorization.v1beta1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Beta1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Beta1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1Beta1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py new file mode 100644 index 0000000..c00aba6 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Beta1Client +from .async_client import BinauthzManagementServiceV1Beta1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py new file mode 100644 index 0000000..7eded62 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py @@ -0,0 +1,1063 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Beta1Client + + +class BinauthzManagementServiceV1Beta1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + _client: BinauthzManagementServiceV1Beta1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py new file mode 100644 index 0000000..7ab0540 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -0,0 +1,1231 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1Beta1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[BinauthzManagementServiceV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Beta1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): + # transport is a BinauthzManagementServiceV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py new file mode 100644 index 0000000..3d12ffa --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..207eade --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Beta1Transport +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', + 'BinauthzManagementServiceV1Beta1GrpcTransport', + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py new file mode 100644 index 0000000..460f97b --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Beta1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..e34903a --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py @@ -0,0 +1,469 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..c611740 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,468 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport + + +class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py new file mode 100644 index 0000000..3fc064c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Beta1Client +from .async_client import SystemPolicyV1Beta1AsyncClient + +__all__ = ( + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py new file mode 100644 index 0000000..d8ec68d --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py @@ -0,0 +1,309 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport +from .client import SystemPolicyV1Beta1Client + + +class SystemPolicyV1Beta1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Beta1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py new file mode 100644 index 0000000..544d61b --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -0,0 +1,510 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1Beta1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +class SystemPolicyV1Beta1ClientMeta(type): + """Metaclass for the SystemPolicyV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] + _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[SystemPolicyV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Beta1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Beta1Transport): + # transport is a SystemPolicyV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..2afe7f8 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Beta1Transport +from .grpc import SystemPolicyV1Beta1GrpcTransport +from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] +_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Beta1Transport', + 'SystemPolicyV1Beta1GrpcTransport', + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py new file mode 100644 index 0000000..d4dbc15 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Beta1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..87d6095 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): + """gRPC backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..4e9d5e7 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1Beta1GrpcTransport + + +class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py new file mode 100644 index 0000000..289c81c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .continuous_validation_logging import ( + ContinuousValidationEvent, +) +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedDrydockNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, +) + +__all__ = ( + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py new file mode 100644 index 0000000..7b4eb1c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -0,0 +1,161 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'ContinuousValidationEvent', + }, +) + + +class ContinuousValidationEvent(proto.Message): + r"""Represents an auditing event from Continuous Validation. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): + Pod event. + + This field is a member of `oneof`_ ``event_type``. + unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): + Unsupported policy event. + + This field is a member of `oneof`_ ``event_type``. + """ + + class ContinuousValidationPodEvent(proto.Message): + r"""An auditing event for one Pod. + + Attributes: + pod_namespace (str): + The k8s namespace of the Pod. + pod (str): + The name of the Pod. + deploy_time (google.protobuf.timestamp_pb2.Timestamp): + Deploy time of the Pod from k8s. + end_time (google.protobuf.timestamp_pb2.Timestamp): + Termination time of the Pod from k8s, or + nothing if still running. + verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): + Auditing verdict for this Pod. + images (Sequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): + List of images with auditing details. + """ + class PolicyConformanceVerdict(proto.Enum): + r"""Audit time policy conformance verdict.""" + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 + VIOLATES_POLICY = 1 + + class ImageDetails(proto.Message): + r"""Container image with auditing details. + + Attributes: + image (str): + The name of the image. + result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): + The result of the audit for this image. + description (str): + Description of the above result. + """ + class AuditResult(proto.Enum): + r"""Result of the audit.""" + AUDIT_RESULT_UNSPECIFIED = 0 + ALLOW = 1 + DENY = 2 + + image = proto.Field( + proto.STRING, + number=1, + ) + result = proto.Field( + proto.ENUM, + number=2, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', + ) + description = proto.Field( + proto.STRING, + number=3, + ) + + pod_namespace = proto.Field( + proto.STRING, + number=7, + ) + pod = proto.Field( + proto.STRING, + number=1, + ) + deploy_time = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + end_time = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + verdict = proto.Field( + proto.ENUM, + number=4, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', + ) + images = proto.RepeatedField( + proto.MESSAGE, + number=5, + message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', + ) + + class UnsupportedPolicyEvent(proto.Message): + r"""An event describing that the project policy is unsupported by + CV. + + Attributes: + description (str): + A description of the unsupported policy. + """ + + description = proto.Field( + proto.STRING, + number=1, + ) + + pod_event = proto.Field( + proto.MESSAGE, + number=1, + oneof='event_type', + message=ContinuousValidationPodEvent, + ) + unsupported_policy_event = proto.Field( + proto.MESSAGE, + number=2, + oneof='event_type', + message=UnsupportedPolicyEvent, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py new file mode 100644 index 0000000..1d974e8 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -0,0 +1,461 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedDrydockNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + Binary Authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` + kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. ``test-ns:default`` + istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-istio-service-identity admission rules. Istio + service identity spec format: + ``spiffe:///ns//sa/`` or + ``/ns//sa/`` e.g. + ``spiffe://example.com/ns/test-ns/sa/default`` + default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + as a wildcard, but this is allowed only in text after the + ``registry/`` part. ``*`` wildcard does not match ``/``, + i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but + it does not match ``gcr.io/nginx/image``. This also supports + a trailing ``**`` wildcard which matches subdirectories, + i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. + """ + + name_pattern = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] + specifies either that all container images used in a pod creation + request must be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that + all pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (Sequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + that attests to container image artifacts. An existing attestor + cannot be modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): + A Drydock ATTESTATION_AUTHORITY Note, created by the user. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + user_owned_drydock_note = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedDrydockNote', + ) + update_time = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedDrydockNote(proto.Message): + r"""An [user owned drydock + note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] + references a Drydock ATTESTATION_AUTHORITY Note created by the user. + + Attributes: + note_reference (str): + Required. The Drydock resource name of a + ATTESTATION_AUTHORITY Note, created by the user, in the + format: ``projects/*/notes/*`` (or the legacy + ``providers/*/notes/*``). This field may not be updated. + + An attestation by this attestor is stored as a Drydock + ATTESTATION_AUTHORITY Occurrence that names a container + image and that links to this Note. Drydock is an external + dependency. + public_keys (Sequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference = proto.Field( + proto.STRING, + number=1, + ) + public_keys = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] + that will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment = proto.Field( + proto.STRING, + number=1, + ) + id = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py new file mode 100644 index 0000000..8cd3dfd --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py @@ -0,0 +1,241 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + """ + + policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + attestor_id = proto.Field( + proto.STRING, + number=2, + ) + attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + page_size = proto.Field( + proto.INT32, + number=2, + ) + page_token = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (Sequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1beta1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py new file mode 100644 index 0000000..b45044d --- /dev/null +++ b/owl-bot-staging/v1beta1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1beta1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py new file mode 100644 index 0000000..793b1ea --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py new file mode 100644 index 0000000..4de96ca --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py new file mode 100644 index 0000000..3aa680b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py new file mode 100644 index 0000000..7a0a694 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py new file mode 100644 index 0000000..d3affd0 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py new file mode 100644 index 0000000..b2fa796 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py new file mode 100644 index 0000000..99deaa5 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py new file mode 100644 index 0000000..ae48362 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py new file mode 100644 index 0000000..9373d89 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py new file mode 100644 index 0000000..24f6afc --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py new file mode 100644 index 0000000..463bb99 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py new file mode 100644 index 0000000..21ce41a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py new file mode 100644 index 0000000..2d3f605 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py new file mode 100644 index 0000000..85ba6b8 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py new file mode 100644 index 0000000..36a01b4 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py new file mode 100644 index 0000000..6b68d3b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json new file mode 100644 index 0000000..e73dca4 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json @@ -0,0 +1,1312 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1beta1", + "version": "v1beta1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", + "shortName": "SystemPolicyV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", + "shortName": "SystemPolicyV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py new file mode 100644 index 0000000..e4d7076 --- /dev/null +++ b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py @@ -0,0 +1,183 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1beta1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt new file mode 100644 index 0000000..aca9f2d --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py new file mode 100644 index 0000000..e2b10aa --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_beta1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ) + +def test_binauthz_management_service_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py new file mode 100644 index 0000000..b1902f9 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_beta1_client_get_transport_class(): + transport = SystemPolicyV1Beta1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1Beta1GrpcTransport, + ) + +def test_system_policy_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_no_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_with_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) From d27b43842a41b8518a9a1272e8b4fc0df17c7602 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Sat, 29 Oct 2022 05:22:53 +0000 Subject: [PATCH 02/18] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20?= =?UTF-8?q?post-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- google/cloud/binaryauthorization/__init__.py | 4 + .../binaryauthorization/gapic_version.py | 0 .../cloud/binaryauthorization_v1/__init__.py | 4 + .../binauthz_management_service_v1/client.py | 7 +- .../services/system_policy_v1/client.py | 7 +- .../services/validation_helper_v1/client.py | 7 +- .../binaryauthorization_v1beta1/__init__.py | 4 + .../client.py | 7 +- .../services/system_policy_v1_beta1/client.py | 7 +- owl-bot-staging/v1/.coveragerc | 17 - owl-bot-staging/v1/.flake8 | 33 - owl-bot-staging/v1/MANIFEST.in | 2 - owl-bot-staging/v1/README.rst | 49 - .../binauthz_management_service_v1.rst | 10 - .../docs/binaryauthorization_v1/services.rst | 8 - .../system_policy_v1.rst | 6 - .../v1/docs/binaryauthorization_v1/types.rst | 7 - .../validation_helper_v1.rst | 6 - owl-bot-staging/v1/docs/conf.py | 376 -- owl-bot-staging/v1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 71 - .../google/cloud/binaryauthorization/py.typed | 2 - .../cloud/binaryauthorization_v1/__init__.py | 72 - .../gapic_metadata.json | 141 - .../cloud/binaryauthorization_v1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1057 ------ .../binauthz_management_service_v1/client.py | 1225 ------- .../binauthz_management_service_v1/pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 465 --- .../transports/grpc_asyncio.py | 464 --- .../services/system_policy_v1/__init__.py | 22 - .../services/system_policy_v1/async_client.py | 308 -- .../services/system_policy_v1/client.py | 509 --- .../system_policy_v1/transports/__init__.py | 33 - .../system_policy_v1/transports/base.py | 155 - .../system_policy_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../services/validation_helper_v1/__init__.py | 22 - .../validation_helper_v1/async_client.py | 285 -- .../services/validation_helper_v1/client.py | 478 --- .../transports/__init__.py | 33 - .../validation_helper_v1/transports/base.py | 154 - .../validation_helper_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../binaryauthorization_v1/types/__init__.py | 58 - .../binaryauthorization_v1/types/resources.py | 461 --- .../binaryauthorization_v1/types/service.py | 317 -- owl-bot-staging/v1/mypy.ini | 3 - owl-bot-staging/v1/noxfile.py | 179 - ...gement_service_v1_create_attestor_async.py | 58 - ...agement_service_v1_create_attestor_sync.py | 58 - ...gement_service_v1_delete_attestor_async.py | 50 - ...agement_service_v1_delete_attestor_sync.py | 50 - ...anagement_service_v1_get_attestor_async.py | 52 - ...management_service_v1_get_attestor_sync.py | 52 - ..._management_service_v1_get_policy_async.py | 52 - ...z_management_service_v1_get_policy_sync.py | 52 - ...agement_service_v1_list_attestors_async.py | 53 - ...nagement_service_v1_list_attestors_sync.py | 53 - ...gement_service_v1_update_attestor_async.py | 56 - ...agement_service_v1_update_attestor_sync.py | 56 - ...nagement_service_v1_update_policy_async.py | 56 - ...anagement_service_v1_update_policy_sync.py | 56 - ...ystem_policy_v1_get_system_policy_async.py | 52 - ...system_policy_v1_get_system_policy_sync.py | 52 - ...1_validate_attestation_occurrence_async.py | 54 - ...v1_validate_attestation_occurrence_sync.py | 54 - ...ippet_metadata_binaryauthorization_v1.json | 1465 -------- .../fixup_binaryauthorization_v1_keywords.py | 184 - owl-bot-staging/v1/setup.py | 90 - .../v1/testing/constraints-3.10.txt | 6 - .../v1/testing/constraints-3.11.txt | 6 - .../v1/testing/constraints-3.7.txt | 11 - .../v1/testing/constraints-3.8.txt | 6 - .../v1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1/tests/__init__.py | 16 - owl-bot-staging/v1/tests/unit/__init__.py | 16 - .../v1/tests/unit/gapic/__init__.py | 16 - .../gapic/binaryauthorization_v1/__init__.py | 16 - .../test_binauthz_management_service_v1.py | 3039 ----------------- .../test_system_policy_v1.py | 1396 -------- .../test_validation_helper_v1.py | 1293 ------- owl-bot-staging/v1beta1/.coveragerc | 17 - owl-bot-staging/v1beta1/.flake8 | 33 - owl-bot-staging/v1beta1/MANIFEST.in | 2 - owl-bot-staging/v1beta1/README.rst | 49 - .../binauthz_management_service_v1_beta1.rst | 10 - .../binaryauthorization_v1beta1/services.rst | 7 - .../system_policy_v1_beta1.rst | 6 - .../binaryauthorization_v1beta1/types.rst | 7 - owl-bot-staging/v1beta1/docs/conf.py | 376 -- owl-bot-staging/v1beta1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 65 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../binaryauthorization_v1beta1/__init__.py | 66 - .../gapic_metadata.json | 117 - .../binaryauthorization_v1beta1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1063 ------ .../client.py | 1231 ------- .../pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 469 --- .../transports/grpc_asyncio.py | 468 --- .../system_policy_v1_beta1/__init__.py | 22 - .../system_policy_v1_beta1/async_client.py | 309 -- .../services/system_policy_v1_beta1/client.py | 510 --- .../transports/__init__.py | 33 - .../system_policy_v1_beta1/transports/base.py | 155 - .../system_policy_v1_beta1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../types/__init__.py | 58 - .../types/continuous_validation_logging.py | 161 - .../types/resources.py | 461 --- .../types/service.py | 241 -- owl-bot-staging/v1beta1/mypy.ini | 3 - owl-bot-staging/v1beta1/noxfile.py | 179 - ..._service_v1_beta1_create_attestor_async.py | 58 - ...t_service_v1_beta1_create_attestor_sync.py | 58 - ..._service_v1_beta1_delete_attestor_async.py | 50 - ...t_service_v1_beta1_delete_attestor_sync.py | 50 - ...ent_service_v1_beta1_get_attestor_async.py | 52 - ...ment_service_v1_beta1_get_attestor_sync.py | 52 - ...ement_service_v1_beta1_get_policy_async.py | 52 - ...gement_service_v1_beta1_get_policy_sync.py | 52 - ...t_service_v1_beta1_list_attestors_async.py | 53 - ...nt_service_v1_beta1_list_attestors_sync.py | 53 - ..._service_v1_beta1_update_attestor_async.py | 56 - ...t_service_v1_beta1_update_attestor_sync.py | 56 - ...nt_service_v1_beta1_update_policy_async.py | 56 - ...ent_service_v1_beta1_update_policy_sync.py | 56 - ...policy_v1_beta1_get_system_policy_async.py | 52 - ..._policy_v1_beta1_get_system_policy_sync.py | 52 - ..._metadata_binaryauthorization_v1beta1.json | 1312 ------- ...up_binaryauthorization_v1beta1_keywords.py | 183 - owl-bot-staging/v1beta1/setup.py | 90 - .../v1beta1/testing/constraints-3.10.txt | 6 - .../v1beta1/testing/constraints-3.11.txt | 6 - .../v1beta1/testing/constraints-3.7.txt | 11 - .../v1beta1/testing/constraints-3.8.txt | 6 - .../v1beta1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1beta1/tests/__init__.py | 16 - .../v1beta1/tests/unit/__init__.py | 16 - .../v1beta1/tests/unit/gapic/__init__.py | 16 - .../binaryauthorization_v1beta1/__init__.py | 16 - ...st_binauthz_management_service_v1_beta1.py | 3039 ----------------- .../test_system_policy_v1_beta1.py | 1396 -------- testing/constraints-3.10.txt | 6 + testing/constraints-3.11.txt | 6 + testing/constraints-3.7.txt | 5 +- testing/constraints-3.8.txt | 8 +- testing/constraints-3.9.txt | 8 +- 159 files changed, 59 insertions(+), 31289 deletions(-) rename {owl-bot-staging/v1/google => google}/cloud/binaryauthorization/gapic_version.py (100%) delete mode 100644 owl-bot-staging/v1/.coveragerc delete mode 100644 owl-bot-staging/v1/.flake8 delete mode 100644 owl-bot-staging/v1/MANIFEST.in delete mode 100644 owl-bot-staging/v1/README.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst delete mode 100644 owl-bot-staging/v1/docs/conf.py delete mode 100644 owl-bot-staging/v1/docs/index.rst delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py delete mode 100644 owl-bot-staging/v1/mypy.ini delete mode 100644 owl-bot-staging/v1/noxfile.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json delete mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py delete mode 100644 owl-bot-staging/v1/setup.py delete mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1/tests/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py delete mode 100644 owl-bot-staging/v1beta1/.coveragerc delete mode 100644 owl-bot-staging/v1beta1/.flake8 delete mode 100644 owl-bot-staging/v1beta1/MANIFEST.in delete mode 100644 owl-bot-staging/v1beta1/README.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst delete mode 100644 owl-bot-staging/v1beta1/docs/conf.py delete mode 100644 owl-bot-staging/v1beta1/docs/index.rst delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py delete mode 100644 owl-bot-staging/v1beta1/mypy.ini delete mode 100644 owl-bot-staging/v1beta1/noxfile.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json delete mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py delete mode 100644 owl-bot-staging/v1beta1/setup.py delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1beta1/tests/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/google/cloud/binaryauthorization/__init__.py b/google/cloud/binaryauthorization/__init__.py index daddba4..213cf5e 100644 --- a/google/cloud/binaryauthorization/__init__.py +++ b/google/cloud/binaryauthorization/__init__.py @@ -13,6 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import ( BinauthzManagementServiceV1Client, diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/google/cloud/binaryauthorization/gapic_version.py similarity index 100% rename from owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py rename to google/cloud/binaryauthorization/gapic_version.py diff --git a/google/cloud/binaryauthorization_v1/__init__.py b/google/cloud/binaryauthorization_v1/__init__.py index feb79fb..cf359a9 100644 --- a/google/cloud/binaryauthorization_v1/__init__.py +++ b/google/cloud/binaryauthorization_v1/__init__.py @@ -13,6 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client from .services.binauthz_management_service_v1 import ( diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py index b3a9fc5..364c93e 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -16,7 +16,7 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast import pkg_resources from google.api_core import client_options as client_options_lib @@ -358,7 +358,7 @@ def __init__( *, credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, BinauthzManagementServiceV1Transport, None] = None, - client_options: Optional[client_options_lib.ClientOptions] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the binauthz management service v1 client. @@ -372,7 +372,7 @@ def __init__( transport (Union[str, BinauthzManagementServiceV1Transport]): The transport to use. If set to None, a transport is chosen automatically. - client_options (google.api_core.client_options.ClientOptions): Custom options for the + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the client. It won't take effect if a ``transport`` instance is provided. (1) The ``api_endpoint`` property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT @@ -402,6 +402,7 @@ def __init__( client_options = client_options_lib.from_dict(client_options) if client_options is None: client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source( client_options diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py index 48391fa..b5b1d46 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -16,7 +16,7 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast import pkg_resources from google.api_core import client_options as client_options_lib @@ -327,7 +327,7 @@ def __init__( *, credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, SystemPolicyV1Transport, None] = None, - client_options: Optional[client_options_lib.ClientOptions] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the system policy v1 client. @@ -341,7 +341,7 @@ def __init__( transport (Union[str, SystemPolicyV1Transport]): The transport to use. If set to None, a transport is chosen automatically. - client_options (google.api_core.client_options.ClientOptions): Custom options for the + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the client. It won't take effect if a ``transport`` instance is provided. (1) The ``api_endpoint`` property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT @@ -371,6 +371,7 @@ def __init__( client_options = client_options_lib.from_dict(client_options) if client_options is None: client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source( client_options diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py index 2d53264..b7d609d 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -16,7 +16,7 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast import pkg_resources from google.api_core import client_options as client_options_lib @@ -310,7 +310,7 @@ def __init__( *, credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, ValidationHelperV1Transport, None] = None, - client_options: Optional[client_options_lib.ClientOptions] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the validation helper v1 client. @@ -324,7 +324,7 @@ def __init__( transport (Union[str, ValidationHelperV1Transport]): The transport to use. If set to None, a transport is chosen automatically. - client_options (google.api_core.client_options.ClientOptions): Custom options for the + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the client. It won't take effect if a ``transport`` instance is provided. (1) The ``api_endpoint`` property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT @@ -354,6 +354,7 @@ def __init__( client_options = client_options_lib.from_dict(client_options) if client_options is None: client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source( client_options diff --git a/google/cloud/binaryauthorization_v1beta1/__init__.py b/google/cloud/binaryauthorization_v1beta1/__init__.py index 22b6788..c9e78fc 100644 --- a/google/cloud/binaryauthorization_v1beta1/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/__init__.py @@ -13,6 +13,10 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + from .services.binauthz_management_service_v1_beta1 import ( BinauthzManagementServiceV1Beta1Client, diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py index fc9784a..8a7c1c1 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -16,7 +16,7 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast import pkg_resources from google.api_core import client_options as client_options_lib @@ -363,7 +363,7 @@ def __init__( *, credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, BinauthzManagementServiceV1Beta1Transport, None] = None, - client_options: Optional[client_options_lib.ClientOptions] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the binauthz management service v1 beta1 client. @@ -377,7 +377,7 @@ def __init__( transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The transport to use. If set to None, a transport is chosen automatically. - client_options (google.api_core.client_options.ClientOptions): Custom options for the + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the client. It won't take effect if a ``transport`` instance is provided. (1) The ``api_endpoint`` property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT @@ -407,6 +407,7 @@ def __init__( client_options = client_options_lib.from_dict(client_options) if client_options is None: client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source( client_options diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py index f841e79..f272fd2 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -16,7 +16,7 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast import pkg_resources from google.api_core import client_options as client_options_lib @@ -327,7 +327,7 @@ def __init__( *, credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, SystemPolicyV1Beta1Transport, None] = None, - client_options: Optional[client_options_lib.ClientOptions] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the system policy v1 beta1 client. @@ -341,7 +341,7 @@ def __init__( transport (Union[str, SystemPolicyV1Beta1Transport]): The transport to use. If set to None, a transport is chosen automatically. - client_options (google.api_core.client_options.ClientOptions): Custom options for the + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the client. It won't take effect if a ``transport`` instance is provided. (1) The ``api_endpoint`` property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT @@ -371,6 +371,7 @@ def __init__( client_options = client_options_lib.from_dict(client_options) if client_options is None: client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source( client_options diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in deleted file mode 100644 index 25c03c6..0000000 --- a/owl-bot-staging/v1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst deleted file mode 100644 index 1d11618..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1 ---------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst deleted file mode 100644 index d8423c9..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst +++ /dev/null @@ -1,8 +0,0 @@ -Services for Google Cloud Binaryauthorization v1 API -==================================================== -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1 - system_policy_v1 - validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst deleted file mode 100644 index da7e2d4..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1 --------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst deleted file mode 100644 index f693b22..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst +++ /dev/null @@ -1,7 +0,0 @@ -Types for Google Cloud Binaryauthorization v1 API -================================================= - -.. automodule:: google.cloud.binaryauthorization_v1.types - :members: - :undoc-members: - :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst deleted file mode 100644 index 5d92ddc..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -ValidationHelperV1 ------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst deleted file mode 100644 index 5c33d39..0000000 --- a/owl-bot-staging/v1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1/services - binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index cd87c27..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,71 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient - -from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1.types.resources import Attestor -from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1.types.resources import Policy -from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote -from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse - -__all__ = ('BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py deleted file mode 100644 index 4a0253e..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,72 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from .services.system_policy_v1 import SystemPolicyV1Client -from .services.system_policy_v1 import SystemPolicyV1AsyncClient -from .services.validation_helper_v1 import ValidationHelperV1Client -from .services.validation_helper_v1 import ValidationHelperV1AsyncClient - -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedGrafeasNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest -from .types.service import ValidateAttestationOccurrenceRequest -from .types.service import ValidateAttestationOccurrenceResponse - -__all__ = ( - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Client', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedGrafeasNote', -'ValidateAttestationOccurrenceRequest', -'ValidateAttestationOccurrenceResponse', -'ValidationHelperV1Client', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json deleted file mode 100644 index 1d349e7..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json +++ /dev/null @@ -1,141 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1", - "protoPackage": "google.cloud.binaryauthorization.v1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - }, - "ValidationHelperV1": { - "clients": { - "grpc": { - "libraryClient": "ValidationHelperV1Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - }, - "grpc-async": { - "libraryClient": "ValidationHelperV1AsyncClient", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py deleted file mode 100644 index eb79aec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Client -from .async_client import BinauthzManagementServiceV1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py deleted file mode 100644 index 1b08a59..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py +++ /dev/null @@ -1,1057 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Client - - -class BinauthzManagementServiceV1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - _client: BinauthzManagementServiceV1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py deleted file mode 100644 index 077a95c..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ /dev/null @@ -1,1225 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[BinauthzManagementServiceV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Transport): - # transport is a BinauthzManagementServiceV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py deleted file mode 100644 index 2c7aa53..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py deleted file mode 100644 index 7ab66d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Transport -from .grpc import BinauthzManagementServiceV1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Transport', - 'BinauthzManagementServiceV1GrpcTransport', - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py deleted file mode 100644 index b9b7fe3..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py deleted file mode 100644 index 0ee1346..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py +++ /dev/null @@ -1,465 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): - """gRPC backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py deleted file mode 100644 index f6be296..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,464 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1GrpcTransport - - -class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py deleted file mode 100644 index 61a11e8..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Client -from .async_client import SystemPolicyV1AsyncClient - -__all__ = ( - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py deleted file mode 100644 index 2eb5323..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py +++ /dev/null @@ -1,308 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport -from .client import SystemPolicyV1Client - - -class SystemPolicyV1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py deleted file mode 100644 index 0077daf..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ /dev/null @@ -1,509 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -class SystemPolicyV1ClientMeta(type): - """Metaclass for the SystemPolicyV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] - _transport_registry["grpc"] = SystemPolicyV1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[SystemPolicyV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Transport): - # transport is a SystemPolicyV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py deleted file mode 100644 index feea8d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Transport -from .grpc import SystemPolicyV1GrpcTransport -from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] -_transport_registry['grpc'] = SystemPolicyV1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Transport', - 'SystemPolicyV1GrpcTransport', - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py deleted file mode 100644 index 2421893..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py deleted file mode 100644 index 91578cd..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): - """gRPC backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py deleted file mode 100644 index 893ef80..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1GrpcTransport - - -class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py deleted file mode 100644 index 5a441c1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import ValidationHelperV1Client -from .async_client import ValidationHelperV1AsyncClient - -__all__ = ( - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py deleted file mode 100644 index 45a238c..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py +++ /dev/null @@ -1,285 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport -from .client import ValidationHelperV1Client - - -class ValidationHelperV1AsyncClient: - """BinAuthz Attestor verification""" - - _client: ValidationHelperV1Client - - DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT - - common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) - parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) - common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) - parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) - common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) - parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) - common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) - parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = ValidationHelperV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def validate_attestation_occurrence(self, - request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.validate_attestation_occurrence, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py deleted file mode 100644 index 0c635d1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ /dev/null @@ -1,478 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import ValidationHelperV1GrpcTransport -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -class ValidationHelperV1ClientMeta(type): - """Metaclass for the ValidationHelperV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] - _transport_registry["grpc"] = ValidationHelperV1GrpcTransport - _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[ValidationHelperV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): - """BinAuthz Attestor verification""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, ValidationHelperV1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, ValidationHelperV1Transport): - # transport is a ValidationHelperV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def validate_attestation_occurrence(self, - request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - # Minor optimization to avoid making a copy if the user passes - # in a service.ValidateAttestationOccurrenceRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ValidateAttestationOccurrenceRequest): - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py deleted file mode 100644 index 09986f1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import ValidationHelperV1Transport -from .grpc import ValidationHelperV1GrpcTransport -from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] -_transport_registry['grpc'] = ValidationHelperV1GrpcTransport -_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport - -__all__ = ( - 'ValidationHelperV1Transport', - 'ValidationHelperV1GrpcTransport', - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py deleted file mode 100644 index afce65a..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py +++ /dev/null @@ -1,154 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class ValidationHelperV1Transport(abc.ABC): - """Abstract transport class for ValidationHelperV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.validate_attestation_occurrence: gapic_v1.method.wrap_method( - self.validate_attestation_occurrence, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Union[ - service.ValidateAttestationOccurrenceResponse, - Awaitable[service.ValidateAttestationOccurrenceResponse] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'ValidationHelperV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py deleted file mode 100644 index 1e208d8..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO - - -class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): - """gRPC backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - service.ValidateAttestationOccurrenceResponse]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - ~.ValidateAttestationOccurrenceResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'ValidationHelperV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py deleted file mode 100644 index 8e3266d..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .grpc import ValidationHelperV1GrpcTransport - - -class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): - """gRPC AsyncIO backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Awaitable[service.ValidateAttestationOccurrenceResponse]]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - Awaitable[~.ValidateAttestationOccurrenceResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py deleted file mode 100644 index cddd9b9..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedGrafeasNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, - ValidateAttestationOccurrenceRequest, - ValidateAttestationOccurrenceResponse, -) - -__all__ = ( - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py deleted file mode 100644 index 249e783..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py +++ /dev/null @@ -1,461 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedGrafeasNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container - image binary authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: [a-z.-]+, e.g. 'some-namespace' - kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. 'test-ns:default' - istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-istio-service-identity - admission rules. Istio service identity spec - format: - spiffe:///ns//sa/ - or /ns//sa/ - e.g. spiffe://example.com/ns/test-ns/sa/default - default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - wildcard, but this is allowed only in text after the - ``registry/`` part. This also supports a trailing ``**`` - wildcard which matches subdirectories of a given entry. - """ - - name_pattern = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies - either that all container images used in a pod creation request must - be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1.Attestor], that all - pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (Sequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that - attests to container image artifacts. An existing attestor cannot be - modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): - This specifies how an attestation will be - read, and how it will be used during policy - enforcement. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - user_owned_grafeas_note = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedGrafeasNote', - ) - update_time = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedGrafeasNote(proto.Message): - r"""An [user owned Grafeas - note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] - references a Grafeas Attestation.Authority Note created by the user. - - Attributes: - note_reference (str): - Required. The Grafeas resource name of a - Attestation.Authority Note, created by the user, in the - format: ``projects/*/notes/*``. This field may not be - updated. - - An attestation by this attestor is stored as a Grafeas - Attestation.Authority Occurrence that names a container - image and that links to this Note. Grafeas is an external - dependency. - public_keys (Sequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference = proto.Field( - proto.STRING, - number=1, - ) - public_keys = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that - will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment = proto.Field( - proto.STRING, - number=1, - ) - id = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py deleted file mode 100644 index 146c289..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py +++ /dev/null @@ -1,317 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from grafeas.v1 import attestation_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] value. - The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] field - with the resource name in the request URL, in the format - ``projects/*/policy``. - """ - - policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - attestor_id = proto.Field( - proto.STRING, - number=2, - ) - attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] to - retrieve, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - page_size = proto.Field( - proto.INT32, - number=2, - ) - page_token = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (Sequence[google.cloud.binaryauthorization_v1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] to - delete, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class ValidateAttestationOccurrenceRequest(proto.Message): - r"""Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - attestor (str): - Required. The resource name of the - [Attestor][google.cloud.binaryauthorization.v1.Attestor] of - the [occurrence][grafeas.v1.Occurrence], in the format - ``projects/*/attestors/*``. - attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): - Required. An - [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to - be checked that it can be verified by the Attestor. It does - not have to be an existing entity in Container Analysis. It - must otherwise be a valid AttestationOccurrence. - occurrence_note (str): - Required. The resource name of the [Note][grafeas.v1.Note] - to which the containing [Occurrence][grafeas.v1.Occurrence] - is associated. - occurrence_resource_uri (str): - Required. The URI of the artifact (e.g. container image) - that is the subject of the containing - [Occurrence][grafeas.v1.Occurrence]. - """ - - attestor = proto.Field( - proto.STRING, - number=1, - ) - attestation = proto.Field( - proto.MESSAGE, - number=2, - message=attestation_pb2.AttestationOccurrence, - ) - occurrence_note = proto.Field( - proto.STRING, - number=3, - ) - occurrence_resource_uri = proto.Field( - proto.STRING, - number=4, - ) - - -class ValidateAttestationOccurrenceResponse(proto.Message): - r"""Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): - The result of the Attestation validation. - denial_reason (str): - The reason for denial if the Attestation - couldn't be validated. - """ - class Result(proto.Enum): - r"""The enum returned in the "result" field.""" - RESULT_UNSPECIFIED = 0 - VERIFIED = 1 - ATTESTATION_NOT_VERIFIABLE = 2 - - result = proto.Field( - proto.ENUM, - number=1, - enum=Result, - ) - denial_reason = proto.Field( - proto.STRING, - number=2, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py deleted file mode 100644 index 9dee1a0..0000000 --- a/owl-bot-staging/v1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py deleted file mode 100644 index 42f52bc..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py deleted file mode 100644 index e51ea8d..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py deleted file mode 100644 index 42c7afa..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py deleted file mode 100644 index e435188..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py deleted file mode 100644 index 61dbe83..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py deleted file mode 100644 index 7272538..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py deleted file mode 100644 index 287a39f..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py deleted file mode 100644 index 108d76c..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py deleted file mode 100644 index 2670d1a..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py deleted file mode 100644 index d7eecc9..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py deleted file mode 100644 index 8f0bd69..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py deleted file mode 100644 index 38073e4..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py deleted file mode 100644 index 12fc571..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py deleted file mode 100644 index d1ce288..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py deleted file mode 100644 index 3458ff1..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py deleted file mode 100644 index 9d84367..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py deleted file mode 100644 index 248502b..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py deleted file mode 100644 index 44cb427..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json deleted file mode 100644 index 5e15984..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json +++ /dev/null @@ -1,1465 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", - "shortName": "SystemPolicyV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", - "shortName": "SystemPolicyV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", - "shortName": "ValidationHelperV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", - "shortName": "ValidationHelperV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py deleted file mode 100644 index 62deb91..0000000 --- a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py +++ /dev/null @@ -1,184 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt deleted file mode 100644 index aca9f2d..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.7.txt +++ /dev/null @@ -1,11 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py deleted file mode 100644 index d628bd1..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1GrpcTransport, - ) - -def test_binauthz_management_service_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py deleted file mode 100644 index 39f62c7..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1GrpcTransport, "grpc"), - (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_client_get_transport_class(): - transport = SystemPolicyV1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Client, SystemPolicyV1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1GrpcTransport, - ) - -def test_system_policy_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_no_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_with_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py deleted file mode 100644 index 837321c..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py +++ /dev/null @@ -1,1293 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from grafeas.v1 import attestation_pb2 # type: ignore -from grafeas.v1 import common_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.ValidationHelperV1GrpcTransport, "grpc"), - (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_validation_helper_v1_client_get_transport_class(): - transport = ValidationHelperV1Client.get_transport_class() - available_transports = [ - transports.ValidationHelperV1GrpcTransport, - ] - assert transport in available_transports - - transport = ValidationHelperV1Client.get_transport_class("grpc") - assert transport == transports.ValidationHelperV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - ValidationHelperV1Client, ValidationHelperV1AsyncClient -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_validation_helper_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = ValidationHelperV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.ValidateAttestationOccurrenceRequest, - dict, -]) -def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - ) - response = client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -def test_validate_attestation_occurrence_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - client.validate_attestation_occurrence() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - )) - response = await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async_from_dict(): - await test_validate_attestation_occurrence_async(request_type=dict) - - -def test_validate_attestation_occurrence_field_headers(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = service.ValidateAttestationOccurrenceResponse() - client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_field_headers_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) - await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = ValidationHelperV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = ValidationHelperV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.ValidationHelperV1GrpcTransport, - ) - -def test_validation_helper_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_validation_helper_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'validate_attestation_occurrence', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_validation_helper_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_validation_helper_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport() - adc.assert_called_once() - - -def test_validation_helper_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - ValidationHelperV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ValidationHelperV1GrpcTransport, grpc_helpers), - (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_no_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_with_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_validation_helper_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_validation_helper_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_common_billing_account_path(): - billing_account = "squid" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = ValidationHelperV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "clam", - } - path = ValidationHelperV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "whelk" - expected = "folders/{folder}".format(folder=folder, ) - actual = ValidationHelperV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "octopus", - } - path = ValidationHelperV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "oyster" - expected = "organizations/{organization}".format(organization=organization, ) - actual = ValidationHelperV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "nudibranch", - } - path = ValidationHelperV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "cuttlefish" - expected = "projects/{project}".format(project=project, ) - actual = ValidationHelperV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "mussel", - } - path = ValidationHelperV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "winkle" - location = "nautilus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = ValidationHelperV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "scallop", - "location": "abalone", - } - path = ValidationHelperV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - transport_class = ValidationHelperV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1beta1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1beta1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in deleted file mode 100644 index dcb06b9..0000000 --- a/owl-bot-staging/v1beta1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1beta1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst deleted file mode 100644 index 22016d0..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1Beta1 --------------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst deleted file mode 100644 index 0d0e455..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst +++ /dev/null @@ -1,7 +0,0 @@ -Services for Google Cloud Binaryauthorization v1beta1 API -========================================================= -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1_beta1 - system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst deleted file mode 100644 index 70a68bc..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1Beta1 -------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst deleted file mode 100644 index aa0d435..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst +++ /dev/null @@ -1,7 +0,0 @@ -Types for Google Cloud Binaryauthorization v1beta1 API -====================================================== - -.. automodule:: google.cloud.binaryauthorization_v1beta1.types - :members: - :undoc-members: - :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1beta1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst deleted file mode 100644 index 787a5eb..0000000 --- a/owl-bot-staging/v1beta1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1beta1/services - binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index ad30948..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,65 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient - -from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor -from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import Policy -from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote -from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest - -__all__ = ('BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 39fdf61..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,66 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient - -from .types.continuous_validation_logging import ContinuousValidationEvent -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedDrydockNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest - -__all__ = ( - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Beta1Client', -'ContinuousValidationEvent', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Beta1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedDrydockNote', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json deleted file mode 100644 index 65f5f50..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json +++ /dev/null @@ -1,117 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1beta1", - "protoPackage": "google.cloud.binaryauthorization.v1beta1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Beta1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Beta1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1Beta1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py deleted file mode 100644 index c00aba6..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Beta1Client -from .async_client import BinauthzManagementServiceV1Beta1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py deleted file mode 100644 index 7eded62..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py +++ /dev/null @@ -1,1063 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Beta1Client - - -class BinauthzManagementServiceV1Beta1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - _client: BinauthzManagementServiceV1Beta1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py deleted file mode 100644 index 7ab0540..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ /dev/null @@ -1,1231 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1Beta1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[BinauthzManagementServiceV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): - # transport is a BinauthzManagementServiceV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py deleted file mode 100644 index 3d12ffa..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py deleted file mode 100644 index 207eade..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Beta1Transport -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', - 'BinauthzManagementServiceV1Beta1GrpcTransport', - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py deleted file mode 100644 index 460f97b..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Beta1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py deleted file mode 100644 index e34903a..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,469 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index c611740..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,468 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport - - -class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py deleted file mode 100644 index 3fc064c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Beta1Client -from .async_client import SystemPolicyV1Beta1AsyncClient - -__all__ = ( - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py deleted file mode 100644 index d8ec68d..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py +++ /dev/null @@ -1,309 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport -from .client import SystemPolicyV1Beta1Client - - -class SystemPolicyV1Beta1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Beta1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py deleted file mode 100644 index 544d61b..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ /dev/null @@ -1,510 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1Beta1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -class SystemPolicyV1Beta1ClientMeta(type): - """Metaclass for the SystemPolicyV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] - _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[SystemPolicyV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Beta1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Beta1Transport): - # transport is a SystemPolicyV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py deleted file mode 100644 index 2afe7f8..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Beta1Transport -from .grpc import SystemPolicyV1Beta1GrpcTransport -from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] -_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Beta1Transport', - 'SystemPolicyV1Beta1GrpcTransport', - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py deleted file mode 100644 index d4dbc15..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Beta1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py deleted file mode 100644 index 87d6095..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): - """gRPC backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index 4e9d5e7..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1Beta1GrpcTransport - - -class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py deleted file mode 100644 index 289c81c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .continuous_validation_logging import ( - ContinuousValidationEvent, -) -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedDrydockNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, -) - -__all__ = ( - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py deleted file mode 100644 index 7b4eb1c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ /dev/null @@ -1,161 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'ContinuousValidationEvent', - }, -) - - -class ContinuousValidationEvent(proto.Message): - r"""Represents an auditing event from Continuous Validation. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): - Pod event. - - This field is a member of `oneof`_ ``event_type``. - unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): - Unsupported policy event. - - This field is a member of `oneof`_ ``event_type``. - """ - - class ContinuousValidationPodEvent(proto.Message): - r"""An auditing event for one Pod. - - Attributes: - pod_namespace (str): - The k8s namespace of the Pod. - pod (str): - The name of the Pod. - deploy_time (google.protobuf.timestamp_pb2.Timestamp): - Deploy time of the Pod from k8s. - end_time (google.protobuf.timestamp_pb2.Timestamp): - Termination time of the Pod from k8s, or - nothing if still running. - verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): - Auditing verdict for this Pod. - images (Sequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): - List of images with auditing details. - """ - class PolicyConformanceVerdict(proto.Enum): - r"""Audit time policy conformance verdict.""" - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 - VIOLATES_POLICY = 1 - - class ImageDetails(proto.Message): - r"""Container image with auditing details. - - Attributes: - image (str): - The name of the image. - result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): - The result of the audit for this image. - description (str): - Description of the above result. - """ - class AuditResult(proto.Enum): - r"""Result of the audit.""" - AUDIT_RESULT_UNSPECIFIED = 0 - ALLOW = 1 - DENY = 2 - - image = proto.Field( - proto.STRING, - number=1, - ) - result = proto.Field( - proto.ENUM, - number=2, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', - ) - description = proto.Field( - proto.STRING, - number=3, - ) - - pod_namespace = proto.Field( - proto.STRING, - number=7, - ) - pod = proto.Field( - proto.STRING, - number=1, - ) - deploy_time = proto.Field( - proto.MESSAGE, - number=2, - message=timestamp_pb2.Timestamp, - ) - end_time = proto.Field( - proto.MESSAGE, - number=3, - message=timestamp_pb2.Timestamp, - ) - verdict = proto.Field( - proto.ENUM, - number=4, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', - ) - images = proto.RepeatedField( - proto.MESSAGE, - number=5, - message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', - ) - - class UnsupportedPolicyEvent(proto.Message): - r"""An event describing that the project policy is unsupported by - CV. - - Attributes: - description (str): - A description of the unsupported policy. - """ - - description = proto.Field( - proto.STRING, - number=1, - ) - - pod_event = proto.Field( - proto.MESSAGE, - number=1, - oneof='event_type', - message=ContinuousValidationPodEvent, - ) - unsupported_policy_event = proto.Field( - proto.MESSAGE, - number=2, - oneof='event_type', - message=UnsupportedPolicyEvent, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py deleted file mode 100644 index 1d974e8..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ /dev/null @@ -1,461 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedDrydockNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - Binary Authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` - kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. ``test-ns:default`` - istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-istio-service-identity admission rules. Istio - service identity spec format: - ``spiffe:///ns//sa/`` or - ``/ns//sa/`` e.g. - ``spiffe://example.com/ns/test-ns/sa/default`` - default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - as a wildcard, but this is allowed only in text after the - ``registry/`` part. ``*`` wildcard does not match ``/``, - i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but - it does not match ``gcr.io/nginx/image``. This also supports - a trailing ``**`` wildcard which matches subdirectories, - i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. - """ - - name_pattern = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] - specifies either that all container images used in a pod creation - request must be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that - all pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (Sequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - that attests to container image artifacts. An existing attestor - cannot be modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): - A Drydock ATTESTATION_AUTHORITY Note, created by the user. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - user_owned_drydock_note = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedDrydockNote', - ) - update_time = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedDrydockNote(proto.Message): - r"""An [user owned drydock - note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] - references a Drydock ATTESTATION_AUTHORITY Note created by the user. - - Attributes: - note_reference (str): - Required. The Drydock resource name of a - ATTESTATION_AUTHORITY Note, created by the user, in the - format: ``projects/*/notes/*`` (or the legacy - ``providers/*/notes/*``). This field may not be updated. - - An attestation by this attestor is stored as a Drydock - ATTESTATION_AUTHORITY Occurrence that names a container - image and that links to this Note. Drydock is an external - dependency. - public_keys (Sequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference = proto.Field( - proto.STRING, - number=1, - ) - public_keys = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] - that will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment = proto.Field( - proto.STRING, - number=1, - ) - id = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py deleted file mode 100644 index 8cd3dfd..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py +++ /dev/null @@ -1,241 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - """ - - policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - attestor_id = proto.Field( - proto.STRING, - number=2, - ) - attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - page_size = proto.Field( - proto.INT32, - number=2, - ) - page_token = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (Sequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1beta1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py deleted file mode 100644 index b45044d..0000000 --- a/owl-bot-staging/v1beta1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1beta1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py deleted file mode 100644 index 793b1ea..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py deleted file mode 100644 index 4de96ca..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py deleted file mode 100644 index 3aa680b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py deleted file mode 100644 index 7a0a694..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py deleted file mode 100644 index d3affd0..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py deleted file mode 100644 index b2fa796..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py deleted file mode 100644 index 99deaa5..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py deleted file mode 100644 index ae48362..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py deleted file mode 100644 index 9373d89..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py deleted file mode 100644 index 24f6afc..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py deleted file mode 100644 index 463bb99..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py deleted file mode 100644 index 21ce41a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py deleted file mode 100644 index 2d3f605..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py deleted file mode 100644 index 85ba6b8..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py deleted file mode 100644 index 36a01b4..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py deleted file mode 100644 index 6b68d3b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json deleted file mode 100644 index e73dca4..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json +++ /dev/null @@ -1,1312 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1beta1", - "version": "v1beta1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", - "shortName": "SystemPolicyV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", - "shortName": "SystemPolicyV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py deleted file mode 100644 index e4d7076..0000000 --- a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py +++ /dev/null @@ -1,183 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1beta1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt deleted file mode 100644 index aca9f2d..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt +++ /dev/null @@ -1,11 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py deleted file mode 100644 index e2b10aa..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_beta1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ) - -def test_binauthz_management_service_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py deleted file mode 100644 index b1902f9..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_beta1_client_get_transport_class(): - transport = SystemPolicyV1Beta1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1Beta1GrpcTransport, - ) - -def test_system_policy_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_no_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_with_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/testing/constraints-3.10.txt b/testing/constraints-3.10.txt index e69de29..ed7f9ae 100644 --- a/testing/constraints-3.10.txt +++ b/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/testing/constraints-3.11.txt b/testing/constraints-3.11.txt index e69de29..ed7f9ae 100644 --- a/testing/constraints-3.11.txt +++ b/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/testing/constraints-3.7.txt b/testing/constraints-3.7.txt index 0e52024..aca9f2d 100644 --- a/testing/constraints-3.7.txt +++ b/testing/constraints-3.7.txt @@ -4,7 +4,8 @@ # Pin the version to the lower bound. # e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", # Then this file should have google-cloud-foo==1.14.0 -google-api-core==1.32.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 proto-plus==1.22.0 -grafeas==1.1.2 protobuf==3.19.5 diff --git a/testing/constraints-3.8.txt b/testing/constraints-3.8.txt index da93009..ed7f9ae 100644 --- a/testing/constraints-3.8.txt +++ b/testing/constraints-3.8.txt @@ -1,2 +1,6 @@ -# This constraints file is left inentionally empty -# so the latest version of dependencies is installed \ No newline at end of file +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/testing/constraints-3.9.txt b/testing/constraints-3.9.txt index da93009..ed7f9ae 100644 --- a/testing/constraints-3.9.txt +++ b/testing/constraints-3.9.txt @@ -1,2 +1,6 @@ -# This constraints file is left inentionally empty -# so the latest version of dependencies is installed \ No newline at end of file +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf From 926d43b5fc8d2b8cf5c09ac981b81c6179836762 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Sat, 5 Nov 2022 11:42:13 +0000 Subject: [PATCH 03/18] update version in gapic_version.py --- google/cloud/binaryauthorization/gapic_version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/google/cloud/binaryauthorization/gapic_version.py b/google/cloud/binaryauthorization/gapic_version.py index 35859c3..e370372 100644 --- a/google/cloud/binaryauthorization/gapic_version.py +++ b/google/cloud/binaryauthorization/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "0.1.0" +__version__ = "1.3.3" # {x-release-please-version} From e6a7a3ea2e6f2407823554a9ca44300ed9aa4952 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Sat, 5 Nov 2022 12:21:56 +0000 Subject: [PATCH 04/18] add .release-please-manifest.json with correct version --- .release-please-manifest.json | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .release-please-manifest.json diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..b3e3395 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "1.3.3" +} From edddad72a1ac17cc6d4407687572ac6b88b03023 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Mon, 7 Nov 2022 13:47:12 +0000 Subject: [PATCH 05/18] set manifest to true in .github/release-please.yml --- .github/release-please.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/release-please.yml b/.github/release-please.yml index 6def37a..e9a4f00 100644 --- a/.github/release-please.yml +++ b/.github/release-please.yml @@ -1,5 +1,6 @@ releaseType: python handleGHRelease: true +manifest: true # NOTE: this section is generated by synthtool.languages.python # See https://github.com/googleapis/synthtool/blob/master/synthtool/languages/python.py branches: From f6e007c9067195df2aad6fc19724a01f31900e3f Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Mon, 7 Nov 2022 16:08:20 +0000 Subject: [PATCH 06/18] add release-please-config.json --- release-please-config.json | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 release-please-config.json diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..1c11d10 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,28 @@ +{ + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json", + "packages": { + ".": { + "release-type": "python", + "extra-files": [ + "google/cloud/binaryauthorization/gapic_version.py", + { + "type": "json", + "path": "samples/generated_samples/snippet_metadata_binaryauthorization_v1.json", + "jsonpath": "$.clientLibrary.version" + }, + { + "type": "json", + "path": "samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json", + "jsonpath": "$.clientLibrary.version" + } + ] + } + }, + "release-type": "python", + "plugins": [ + { + "type": "sentence-case" + } + ], + "initial-version": "0.1.0" +} From 0f0cf253d973ed4858460956a6a50e33415fb302 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Mon, 7 Nov 2022 16:17:43 +0000 Subject: [PATCH 07/18] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20?= =?UTF-8?q?post-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- .github/release-please.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/release-please.yml b/.github/release-please.yml index e9a4f00..6def37a 100644 --- a/.github/release-please.yml +++ b/.github/release-please.yml @@ -1,6 +1,5 @@ releaseType: python handleGHRelease: true -manifest: true # NOTE: this section is generated by synthtool.languages.python # See https://github.com/googleapis/synthtool/blob/master/synthtool/languages/python.py branches: From 0986768d38b8e053b8c92831860418095ca0b828 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Wed, 9 Nov 2022 23:42:51 +0000 Subject: [PATCH 08/18] chore: Update to gapic-generator-python 1.6.0 feat(python): Add typing to proto.Message based class attributes feat(python): Snippetgen handling of repeated enum field PiperOrigin-RevId: 487326846 Source-Link: https://github.com/googleapis/googleapis/commit/da380c77bb87ba0f752baf07605dd1db30e1f7e1 Source-Link: https://github.com/googleapis/googleapis-gen/commit/61ef5762ee6731a0cbbfea22fd0eecee51ab1c8e Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiNjFlZjU3NjJlZTY3MzFhMGNiYmZlYTIyZmQwZWVjZWU1MWFiMWM4ZSJ9 --- owl-bot-staging/v1/.coveragerc | 17 + owl-bot-staging/v1/.flake8 | 33 + owl-bot-staging/v1/MANIFEST.in | 2 + owl-bot-staging/v1/README.rst | 49 + .../binauthz_management_service_v1.rst | 10 + .../docs/binaryauthorization_v1/services.rst | 8 + .../system_policy_v1.rst | 6 + .../v1/docs/binaryauthorization_v1/types.rst | 7 + .../validation_helper_v1.rst | 6 + owl-bot-staging/v1/docs/conf.py | 376 ++ owl-bot-staging/v1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 71 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../cloud/binaryauthorization_v1/__init__.py | 72 + .../gapic_metadata.json | 141 + .../cloud/binaryauthorization_v1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1057 ++++++ .../binauthz_management_service_v1/client.py | 1225 +++++++ .../binauthz_management_service_v1/pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 465 +++ .../transports/grpc_asyncio.py | 464 +++ .../services/system_policy_v1/__init__.py | 22 + .../services/system_policy_v1/async_client.py | 308 ++ .../services/system_policy_v1/client.py | 509 +++ .../system_policy_v1/transports/__init__.py | 33 + .../system_policy_v1/transports/base.py | 155 + .../system_policy_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../services/validation_helper_v1/__init__.py | 22 + .../validation_helper_v1/async_client.py | 285 ++ .../services/validation_helper_v1/client.py | 478 +++ .../transports/__init__.py | 33 + .../validation_helper_v1/transports/base.py | 154 + .../validation_helper_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../binaryauthorization_v1/types/__init__.py | 58 + .../binaryauthorization_v1/types/resources.py | 461 +++ .../binaryauthorization_v1/types/service.py | 317 ++ owl-bot-staging/v1/mypy.ini | 3 + owl-bot-staging/v1/noxfile.py | 179 + ...gement_service_v1_create_attestor_async.py | 58 + ...agement_service_v1_create_attestor_sync.py | 58 + ...gement_service_v1_delete_attestor_async.py | 50 + ...agement_service_v1_delete_attestor_sync.py | 50 + ...anagement_service_v1_get_attestor_async.py | 52 + ...management_service_v1_get_attestor_sync.py | 52 + ..._management_service_v1_get_policy_async.py | 52 + ...z_management_service_v1_get_policy_sync.py | 52 + ...agement_service_v1_list_attestors_async.py | 53 + ...nagement_service_v1_list_attestors_sync.py | 53 + ...gement_service_v1_update_attestor_async.py | 56 + ...agement_service_v1_update_attestor_sync.py | 56 + ...nagement_service_v1_update_policy_async.py | 56 + ...anagement_service_v1_update_policy_sync.py | 56 + ...ystem_policy_v1_get_system_policy_async.py | 52 + ...system_policy_v1_get_system_policy_sync.py | 52 + ...1_validate_attestation_occurrence_async.py | 54 + ...v1_validate_attestation_occurrence_sync.py | 54 + ...ippet_metadata_binaryauthorization_v1.json | 1465 ++++++++ ...a_google.cloud.binaryauthorization.v1.json | 1466 ++++++++ .../fixup_binaryauthorization_v1_keywords.py | 184 + owl-bot-staging/v1/setup.py | 90 + .../v1/testing/constraints-3.10.txt | 6 + .../v1/testing/constraints-3.11.txt | 6 + .../v1/testing/constraints-3.7.txt | 11 + .../v1/testing/constraints-3.8.txt | 6 + .../v1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1/tests/__init__.py | 16 + owl-bot-staging/v1/tests/unit/__init__.py | 16 + .../v1/tests/unit/gapic/__init__.py | 16 + .../gapic/binaryauthorization_v1/__init__.py | 16 + .../test_binauthz_management_service_v1.py | 3039 +++++++++++++++++ .../test_system_policy_v1.py | 1396 ++++++++ .../test_validation_helper_v1.py | 1293 +++++++ owl-bot-staging/v1beta1/.coveragerc | 17 + owl-bot-staging/v1beta1/.flake8 | 33 + owl-bot-staging/v1beta1/MANIFEST.in | 2 + owl-bot-staging/v1beta1/README.rst | 49 + .../binauthz_management_service_v1_beta1.rst | 10 + .../binaryauthorization_v1beta1/services.rst | 7 + .../system_policy_v1_beta1.rst | 6 + .../binaryauthorization_v1beta1/types.rst | 7 + owl-bot-staging/v1beta1/docs/conf.py | 376 ++ owl-bot-staging/v1beta1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 65 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../binaryauthorization_v1beta1/__init__.py | 66 + .../gapic_metadata.json | 117 + .../binaryauthorization_v1beta1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1063 ++++++ .../client.py | 1231 +++++++ .../pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 469 +++ .../transports/grpc_asyncio.py | 468 +++ .../system_policy_v1_beta1/__init__.py | 22 + .../system_policy_v1_beta1/async_client.py | 309 ++ .../services/system_policy_v1_beta1/client.py | 510 +++ .../transports/__init__.py | 33 + .../system_policy_v1_beta1/transports/base.py | 155 + .../system_policy_v1_beta1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../types/__init__.py | 58 + .../types/continuous_validation_logging.py | 161 + .../types/resources.py | 461 +++ .../types/service.py | 241 ++ owl-bot-staging/v1beta1/mypy.ini | 3 + owl-bot-staging/v1beta1/noxfile.py | 179 + ..._service_v1_beta1_create_attestor_async.py | 58 + ...t_service_v1_beta1_create_attestor_sync.py | 58 + ..._service_v1_beta1_delete_attestor_async.py | 50 + ...t_service_v1_beta1_delete_attestor_sync.py | 50 + ...ent_service_v1_beta1_get_attestor_async.py | 52 + ...ment_service_v1_beta1_get_attestor_sync.py | 52 + ...ement_service_v1_beta1_get_policy_async.py | 52 + ...gement_service_v1_beta1_get_policy_sync.py | 52 + ...t_service_v1_beta1_list_attestors_async.py | 53 + ...nt_service_v1_beta1_list_attestors_sync.py | 53 + ..._service_v1_beta1_update_attestor_async.py | 56 + ...t_service_v1_beta1_update_attestor_sync.py | 56 + ...nt_service_v1_beta1_update_policy_async.py | 56 + ...ent_service_v1_beta1_update_policy_sync.py | 56 + ...policy_v1_beta1_get_system_policy_async.py | 52 + ..._policy_v1_beta1_get_system_policy_sync.py | 52 + ..._metadata_binaryauthorization_v1beta1.json | 1312 +++++++ ...gle.cloud.binaryauthorization.v1beta1.json | 1313 +++++++ ...up_binaryauthorization_v1beta1_keywords.py | 183 + owl-bot-staging/v1beta1/setup.py | 90 + .../v1beta1/testing/constraints-3.10.txt | 6 + .../v1beta1/testing/constraints-3.11.txt | 6 + .../v1beta1/testing/constraints-3.7.txt | 11 + .../v1beta1/testing/constraints-3.8.txt | 6 + .../v1beta1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1beta1/tests/__init__.py | 16 + .../v1beta1/tests/unit/__init__.py | 16 + .../v1beta1/tests/unit/gapic/__init__.py | 16 + .../binaryauthorization_v1beta1/__init__.py | 16 + ...st_binauthz_management_service_v1_beta1.py | 3039 +++++++++++++++++ .../test_system_policy_v1_beta1.py | 1396 ++++++++ 148 files changed, 34063 insertions(+) create mode 100644 owl-bot-staging/v1/.coveragerc create mode 100644 owl-bot-staging/v1/.flake8 create mode 100644 owl-bot-staging/v1/MANIFEST.in create mode 100644 owl-bot-staging/v1/README.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst create mode 100644 owl-bot-staging/v1/docs/conf.py create mode 100644 owl-bot-staging/v1/docs/index.rst create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py create mode 100644 owl-bot-staging/v1/mypy.ini create mode 100644 owl-bot-staging/v1/noxfile.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json create mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json create mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py create mode 100644 owl-bot-staging/v1/setup.py create mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1/tests/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py create mode 100644 owl-bot-staging/v1beta1/.coveragerc create mode 100644 owl-bot-staging/v1beta1/.flake8 create mode 100644 owl-bot-staging/v1beta1/MANIFEST.in create mode 100644 owl-bot-staging/v1beta1/README.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst create mode 100644 owl-bot-staging/v1beta1/docs/conf.py create mode 100644 owl-bot-staging/v1beta1/docs/index.rst create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py create mode 100644 owl-bot-staging/v1beta1/mypy.ini create mode 100644 owl-bot-staging/v1beta1/noxfile.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json create mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py create mode 100644 owl-bot-staging/v1beta1/setup.py create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1beta1/tests/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in new file mode 100644 index 0000000..25c03c6 --- /dev/null +++ b/owl-bot-staging/v1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst new file mode 100644 index 0000000..1d11618 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1 +--------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst new file mode 100644 index 0000000..d8423c9 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst @@ -0,0 +1,8 @@ +Services for Google Cloud Binaryauthorization v1 API +==================================================== +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1 + system_policy_v1 + validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst new file mode 100644 index 0000000..da7e2d4 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1 +-------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst new file mode 100644 index 0000000..f693b22 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst @@ -0,0 +1,7 @@ +Types for Google Cloud Binaryauthorization v1 API +================================================= + +.. automodule:: google.cloud.binaryauthorization_v1.types + :members: + :undoc-members: + :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst new file mode 100644 index 0000000..5d92ddc --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst @@ -0,0 +1,6 @@ +ValidationHelperV1 +------------------------------------ + +.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst new file mode 100644 index 0000000..5c33d39 --- /dev/null +++ b/owl-bot-staging/v1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1/services + binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..cd87c27 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,71 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient + +from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1.types.resources import Attestor +from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1.types.resources import Policy +from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote +from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse + +__all__ = ('BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..4a0253e --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py @@ -0,0 +1,72 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from .services.system_policy_v1 import SystemPolicyV1Client +from .services.system_policy_v1 import SystemPolicyV1AsyncClient +from .services.validation_helper_v1 import ValidationHelperV1Client +from .services.validation_helper_v1 import ValidationHelperV1AsyncClient + +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedGrafeasNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest +from .types.service import ValidateAttestationOccurrenceRequest +from .types.service import ValidateAttestationOccurrenceResponse + +__all__ = ( + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Client', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedGrafeasNote', +'ValidateAttestationOccurrenceRequest', +'ValidateAttestationOccurrenceResponse', +'ValidationHelperV1Client', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json new file mode 100644 index 0000000..1d349e7 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json @@ -0,0 +1,141 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1", + "protoPackage": "google.cloud.binaryauthorization.v1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + }, + "ValidationHelperV1": { + "clients": { + "grpc": { + "libraryClient": "ValidationHelperV1Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + }, + "grpc-async": { + "libraryClient": "ValidationHelperV1AsyncClient", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py new file mode 100644 index 0000000..eb79aec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Client +from .async_client import BinauthzManagementServiceV1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py new file mode 100644 index 0000000..1b08a59 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py @@ -0,0 +1,1057 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Client + + +class BinauthzManagementServiceV1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + _client: BinauthzManagementServiceV1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py new file mode 100644 index 0000000..077a95c --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -0,0 +1,1225 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[BinauthzManagementServiceV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Transport): + # transport is a BinauthzManagementServiceV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py new file mode 100644 index 0000000..2c7aa53 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py new file mode 100644 index 0000000..7ab66d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Transport +from .grpc import BinauthzManagementServiceV1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Transport', + 'BinauthzManagementServiceV1GrpcTransport', + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py new file mode 100644 index 0000000..b9b7fe3 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py new file mode 100644 index 0000000..0ee1346 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py @@ -0,0 +1,465 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): + """gRPC backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..f6be296 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py @@ -0,0 +1,464 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1GrpcTransport + + +class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py new file mode 100644 index 0000000..61a11e8 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Client +from .async_client import SystemPolicyV1AsyncClient + +__all__ = ( + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py new file mode 100644 index 0000000..2eb5323 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py @@ -0,0 +1,308 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport +from .client import SystemPolicyV1Client + + +class SystemPolicyV1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py new file mode 100644 index 0000000..0077daf --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -0,0 +1,509 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +class SystemPolicyV1ClientMeta(type): + """Metaclass for the SystemPolicyV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] + _transport_registry["grpc"] = SystemPolicyV1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[SystemPolicyV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Transport): + # transport is a SystemPolicyV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py new file mode 100644 index 0000000..feea8d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Transport +from .grpc import SystemPolicyV1GrpcTransport +from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] +_transport_registry['grpc'] = SystemPolicyV1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Transport', + 'SystemPolicyV1GrpcTransport', + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py new file mode 100644 index 0000000..2421893 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py new file mode 100644 index 0000000..91578cd --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): + """gRPC backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..893ef80 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1GrpcTransport + + +class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py new file mode 100644 index 0000000..5a441c1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import ValidationHelperV1Client +from .async_client import ValidationHelperV1AsyncClient + +__all__ = ( + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py new file mode 100644 index 0000000..45a238c --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py @@ -0,0 +1,285 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport +from .client import ValidationHelperV1Client + + +class ValidationHelperV1AsyncClient: + """BinAuthz Attestor verification""" + + _client: ValidationHelperV1Client + + DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT + + common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) + parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) + common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) + parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) + common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) + parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) + common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) + parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = ValidationHelperV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def validate_attestation_occurrence(self, + request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.validate_attestation_occurrence, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py new file mode 100644 index 0000000..0c635d1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -0,0 +1,478 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import ValidationHelperV1GrpcTransport +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +class ValidationHelperV1ClientMeta(type): + """Metaclass for the ValidationHelperV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] + _transport_registry["grpc"] = ValidationHelperV1GrpcTransport + _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[ValidationHelperV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): + """BinAuthz Attestor verification""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, ValidationHelperV1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, ValidationHelperV1Transport): + # transport is a ValidationHelperV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def validate_attestation_occurrence(self, + request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + # Minor optimization to avoid making a copy if the user passes + # in a service.ValidateAttestationOccurrenceRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ValidateAttestationOccurrenceRequest): + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py new file mode 100644 index 0000000..09986f1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import ValidationHelperV1Transport +from .grpc import ValidationHelperV1GrpcTransport +from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] +_transport_registry['grpc'] = ValidationHelperV1GrpcTransport +_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport + +__all__ = ( + 'ValidationHelperV1Transport', + 'ValidationHelperV1GrpcTransport', + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py new file mode 100644 index 0000000..afce65a --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py @@ -0,0 +1,154 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class ValidationHelperV1Transport(abc.ABC): + """Abstract transport class for ValidationHelperV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.validate_attestation_occurrence: gapic_v1.method.wrap_method( + self.validate_attestation_occurrence, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Union[ + service.ValidateAttestationOccurrenceResponse, + Awaitable[service.ValidateAttestationOccurrenceResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'ValidationHelperV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py new file mode 100644 index 0000000..1e208d8 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + + +class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): + """gRPC backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + service.ValidateAttestationOccurrenceResponse]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + ~.ValidateAttestationOccurrenceResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'ValidationHelperV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..8e3266d --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .grpc import ValidationHelperV1GrpcTransport + + +class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): + """gRPC AsyncIO backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Awaitable[service.ValidateAttestationOccurrenceResponse]]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + Awaitable[~.ValidateAttestationOccurrenceResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py new file mode 100644 index 0000000..cddd9b9 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedGrafeasNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, + ValidateAttestationOccurrenceRequest, + ValidateAttestationOccurrenceResponse, +) + +__all__ = ( + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py new file mode 100644 index 0000000..249e783 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py @@ -0,0 +1,461 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedGrafeasNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container + image binary authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: [a-z.-]+, e.g. 'some-namespace' + kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. 'test-ns:default' + istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-istio-service-identity + admission rules. Istio service identity spec + format: + spiffe:///ns//sa/ + or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default + default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + wildcard, but this is allowed only in text after the + ``registry/`` part. This also supports a trailing ``**`` + wildcard which matches subdirectories of a given entry. + """ + + name_pattern = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies + either that all container images used in a pod creation request must + be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1.Attestor], that all + pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (Sequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that + attests to container image artifacts. An existing attestor cannot be + modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): + This specifies how an attestation will be + read, and how it will be used during policy + enforcement. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + user_owned_grafeas_note = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedGrafeasNote', + ) + update_time = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedGrafeasNote(proto.Message): + r"""An [user owned Grafeas + note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] + references a Grafeas Attestation.Authority Note created by the user. + + Attributes: + note_reference (str): + Required. The Grafeas resource name of a + Attestation.Authority Note, created by the user, in the + format: ``projects/*/notes/*``. This field may not be + updated. + + An attestation by this attestor is stored as a Grafeas + Attestation.Authority Occurrence that names a container + image and that links to this Note. Grafeas is an external + dependency. + public_keys (Sequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference = proto.Field( + proto.STRING, + number=1, + ) + public_keys = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that + will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment = proto.Field( + proto.STRING, + number=1, + ) + id = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py new file mode 100644 index 0000000..146c289 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py @@ -0,0 +1,317 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from grafeas.v1 import attestation_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] value. + The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] field + with the resource name in the request URL, in the format + ``projects/*/policy``. + """ + + policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + attestor_id = proto.Field( + proto.STRING, + number=2, + ) + attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] to + retrieve, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + page_size = proto.Field( + proto.INT32, + number=2, + ) + page_token = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (Sequence[google.cloud.binaryauthorization_v1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] to + delete, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class ValidateAttestationOccurrenceRequest(proto.Message): + r"""Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + attestor (str): + Required. The resource name of the + [Attestor][google.cloud.binaryauthorization.v1.Attestor] of + the [occurrence][grafeas.v1.Occurrence], in the format + ``projects/*/attestors/*``. + attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): + Required. An + [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to + be checked that it can be verified by the Attestor. It does + not have to be an existing entity in Container Analysis. It + must otherwise be a valid AttestationOccurrence. + occurrence_note (str): + Required. The resource name of the [Note][grafeas.v1.Note] + to which the containing [Occurrence][grafeas.v1.Occurrence] + is associated. + occurrence_resource_uri (str): + Required. The URI of the artifact (e.g. container image) + that is the subject of the containing + [Occurrence][grafeas.v1.Occurrence]. + """ + + attestor = proto.Field( + proto.STRING, + number=1, + ) + attestation = proto.Field( + proto.MESSAGE, + number=2, + message=attestation_pb2.AttestationOccurrence, + ) + occurrence_note = proto.Field( + proto.STRING, + number=3, + ) + occurrence_resource_uri = proto.Field( + proto.STRING, + number=4, + ) + + +class ValidateAttestationOccurrenceResponse(proto.Message): + r"""Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): + The result of the Attestation validation. + denial_reason (str): + The reason for denial if the Attestation + couldn't be validated. + """ + class Result(proto.Enum): + r"""The enum returned in the "result" field.""" + RESULT_UNSPECIFIED = 0 + VERIFIED = 1 + ATTESTATION_NOT_VERIFIABLE = 2 + + result = proto.Field( + proto.ENUM, + number=1, + enum=Result, + ) + denial_reason = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py new file mode 100644 index 0000000..9dee1a0 --- /dev/null +++ b/owl-bot-staging/v1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py new file mode 100644 index 0000000..42f52bc --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py new file mode 100644 index 0000000..e51ea8d --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py new file mode 100644 index 0000000..42c7afa --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py new file mode 100644 index 0000000..e435188 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py new file mode 100644 index 0000000..61dbe83 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py new file mode 100644 index 0000000..7272538 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py new file mode 100644 index 0000000..287a39f --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py new file mode 100644 index 0000000..108d76c --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py new file mode 100644 index 0000000..2670d1a --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py new file mode 100644 index 0000000..d7eecc9 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py new file mode 100644 index 0000000..8f0bd69 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py new file mode 100644 index 0000000..38073e4 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py new file mode 100644 index 0000000..12fc571 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py new file mode 100644 index 0000000..d1ce288 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py new file mode 100644 index 0000000..3458ff1 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py new file mode 100644 index 0000000..9d84367 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py new file mode 100644 index 0000000..248502b --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py new file mode 100644 index 0000000..44cb427 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json new file mode 100644 index 0000000..5e15984 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json @@ -0,0 +1,1465 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", + "shortName": "SystemPolicyV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", + "shortName": "SystemPolicyV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", + "shortName": "ValidationHelperV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", + "shortName": "ValidationHelperV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json new file mode 100644 index 0000000..6d29a4e --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json @@ -0,0 +1,1466 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", + "shortName": "SystemPolicyV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", + "shortName": "SystemPolicyV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", + "shortName": "ValidationHelperV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", + "shortName": "ValidationHelperV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py new file mode 100644 index 0000000..62deb91 --- /dev/null +++ b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py @@ -0,0 +1,184 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt new file mode 100644 index 0000000..aca9f2d --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py new file mode 100644 index 0000000..d628bd1 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1GrpcTransport, + ) + +def test_binauthz_management_service_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py new file mode 100644 index 0000000..39f62c7 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1GrpcTransport, "grpc"), + (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_client_get_transport_class(): + transport = SystemPolicyV1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Client, SystemPolicyV1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1GrpcTransport, + ) + +def test_system_policy_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_no_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_with_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py new file mode 100644 index 0000000..837321c --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py @@ -0,0 +1,1293 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from grafeas.v1 import attestation_pb2 # type: ignore +from grafeas.v1 import common_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.ValidationHelperV1GrpcTransport, "grpc"), + (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_validation_helper_v1_client_get_transport_class(): + transport = ValidationHelperV1Client.get_transport_class() + available_transports = [ + transports.ValidationHelperV1GrpcTransport, + ] + assert transport in available_transports + + transport = ValidationHelperV1Client.get_transport_class("grpc") + assert transport == transports.ValidationHelperV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + ValidationHelperV1Client, ValidationHelperV1AsyncClient +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_validation_helper_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = ValidationHelperV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ValidateAttestationOccurrenceRequest, + dict, +]) +def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + ) + response = client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +def test_validate_attestation_occurrence_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + client.validate_attestation_occurrence() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + )) + response = await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async_from_dict(): + await test_validate_attestation_occurrence_async(request_type=dict) + + +def test_validate_attestation_occurrence_field_headers(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = service.ValidateAttestationOccurrenceResponse() + client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_field_headers_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) + await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = ValidationHelperV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = ValidationHelperV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.ValidationHelperV1GrpcTransport, + ) + +def test_validation_helper_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_validation_helper_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'validate_attestation_occurrence', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_validation_helper_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_validation_helper_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport() + adc.assert_called_once() + + +def test_validation_helper_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + ValidationHelperV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.ValidationHelperV1GrpcTransport, grpc_helpers), + (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_no_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_with_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_validation_helper_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_validation_helper_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_common_billing_account_path(): + billing_account = "squid" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = ValidationHelperV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "clam", + } + path = ValidationHelperV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "whelk" + expected = "folders/{folder}".format(folder=folder, ) + actual = ValidationHelperV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "octopus", + } + path = ValidationHelperV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "oyster" + expected = "organizations/{organization}".format(organization=organization, ) + actual = ValidationHelperV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "nudibranch", + } + path = ValidationHelperV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "cuttlefish" + expected = "projects/{project}".format(project=project, ) + actual = ValidationHelperV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "mussel", + } + path = ValidationHelperV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "winkle" + location = "nautilus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = ValidationHelperV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "scallop", + "location": "abalone", + } + path = ValidationHelperV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + transport_class = ValidationHelperV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1beta1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1beta1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in new file mode 100644 index 0000000..dcb06b9 --- /dev/null +++ b/owl-bot-staging/v1beta1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1beta1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst new file mode 100644 index 0000000..22016d0 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1Beta1 +-------------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst new file mode 100644 index 0000000..0d0e455 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst @@ -0,0 +1,7 @@ +Services for Google Cloud Binaryauthorization v1beta1 API +========================================================= +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1_beta1 + system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst new file mode 100644 index 0000000..70a68bc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1Beta1 +------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst new file mode 100644 index 0000000..aa0d435 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst @@ -0,0 +1,7 @@ +Types for Google Cloud Binaryauthorization v1beta1 API +====================================================== + +.. automodule:: google.cloud.binaryauthorization_v1beta1.types + :members: + :undoc-members: + :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst new file mode 100644 index 0000000..787a5eb --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1beta1/services + binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..ad30948 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient + +from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor +from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import Policy +from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote +from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest + +__all__ = ('BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..39fdf61 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,66 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient + +from .types.continuous_validation_logging import ContinuousValidationEvent +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedDrydockNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest + +__all__ = ( + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Beta1Client', +'ContinuousValidationEvent', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Beta1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedDrydockNote', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json new file mode 100644 index 0000000..65f5f50 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json @@ -0,0 +1,117 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1beta1", + "protoPackage": "google.cloud.binaryauthorization.v1beta1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Beta1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Beta1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1Beta1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py new file mode 100644 index 0000000..c00aba6 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Beta1Client +from .async_client import BinauthzManagementServiceV1Beta1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py new file mode 100644 index 0000000..7eded62 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py @@ -0,0 +1,1063 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Beta1Client + + +class BinauthzManagementServiceV1Beta1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + _client: BinauthzManagementServiceV1Beta1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py new file mode 100644 index 0000000..7ab0540 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -0,0 +1,1231 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1Beta1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[BinauthzManagementServiceV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Beta1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): + # transport is a BinauthzManagementServiceV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Union[service.GetPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Union[service.UpdatePolicyRequest, dict] = None, + *, + policy: resources.Policy = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Union[service.CreateAttestorRequest, dict] = None, + *, + parent: str = None, + attestor_id: str = None, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Union[service.GetAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Union[service.UpdateAttestorRequest, dict] = None, + *, + attestor: resources.Attestor = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Union[service.ListAttestorsRequest, dict] = None, + *, + parent: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Union[service.DeleteAttestorRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py new file mode 100644 index 0000000..3d12ffa --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..207eade --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Beta1Transport +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', + 'BinauthzManagementServiceV1Beta1GrpcTransport', + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py new file mode 100644 index 0000000..460f97b --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Beta1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..e34903a --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py @@ -0,0 +1,469 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..c611740 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,468 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport + + +class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py new file mode 100644 index 0000000..3fc064c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Beta1Client +from .async_client import SystemPolicyV1Beta1AsyncClient + +__all__ = ( + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py new file mode 100644 index 0000000..d8ec68d --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py @@ -0,0 +1,309 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport +from .client import SystemPolicyV1Beta1Client + + +class SystemPolicyV1Beta1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Beta1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) + + def __init__(self, *, + credentials: ga_credentials.Credentials = None, + transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", + client_options: ClientOptions = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py new file mode 100644 index 0000000..544d61b --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -0,0 +1,510 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1Beta1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +class SystemPolicyV1Beta1ClientMeta(type): + """Metaclass for the SystemPolicyV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] + _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: str = None, + ) -> Type[SystemPolicyV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Beta1Transport, None] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Beta1Transport): + # transport is a SystemPolicyV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Union[service.GetSystemPolicyRequest, dict] = None, + *, + name: str = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: float = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..2afe7f8 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Beta1Transport +from .grpc import SystemPolicyV1Beta1GrpcTransport +from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] +_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Beta1Transport', + 'SystemPolicyV1Beta1GrpcTransport', + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py new file mode 100644 index 0000000..d4dbc15 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Beta1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..87d6095 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): + """gRPC backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Sequence[str] = None, + channel: grpc.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: str = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..4e9d5e7 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1Beta1GrpcTransport + + +class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: ga_credentials.Credentials = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: aio.Channel = None, + api_mtls_endpoint: str = None, + client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, + ssl_channel_credentials: grpc.ChannelCredentials = None, + client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + quota_project_id=None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py new file mode 100644 index 0000000..289c81c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .continuous_validation_logging import ( + ContinuousValidationEvent, +) +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedDrydockNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, +) + +__all__ = ( + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py new file mode 100644 index 0000000..7b4eb1c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -0,0 +1,161 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'ContinuousValidationEvent', + }, +) + + +class ContinuousValidationEvent(proto.Message): + r"""Represents an auditing event from Continuous Validation. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): + Pod event. + + This field is a member of `oneof`_ ``event_type``. + unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): + Unsupported policy event. + + This field is a member of `oneof`_ ``event_type``. + """ + + class ContinuousValidationPodEvent(proto.Message): + r"""An auditing event for one Pod. + + Attributes: + pod_namespace (str): + The k8s namespace of the Pod. + pod (str): + The name of the Pod. + deploy_time (google.protobuf.timestamp_pb2.Timestamp): + Deploy time of the Pod from k8s. + end_time (google.protobuf.timestamp_pb2.Timestamp): + Termination time of the Pod from k8s, or + nothing if still running. + verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): + Auditing verdict for this Pod. + images (Sequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): + List of images with auditing details. + """ + class PolicyConformanceVerdict(proto.Enum): + r"""Audit time policy conformance verdict.""" + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 + VIOLATES_POLICY = 1 + + class ImageDetails(proto.Message): + r"""Container image with auditing details. + + Attributes: + image (str): + The name of the image. + result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): + The result of the audit for this image. + description (str): + Description of the above result. + """ + class AuditResult(proto.Enum): + r"""Result of the audit.""" + AUDIT_RESULT_UNSPECIFIED = 0 + ALLOW = 1 + DENY = 2 + + image = proto.Field( + proto.STRING, + number=1, + ) + result = proto.Field( + proto.ENUM, + number=2, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', + ) + description = proto.Field( + proto.STRING, + number=3, + ) + + pod_namespace = proto.Field( + proto.STRING, + number=7, + ) + pod = proto.Field( + proto.STRING, + number=1, + ) + deploy_time = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + end_time = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + verdict = proto.Field( + proto.ENUM, + number=4, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', + ) + images = proto.RepeatedField( + proto.MESSAGE, + number=5, + message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', + ) + + class UnsupportedPolicyEvent(proto.Message): + r"""An event describing that the project policy is unsupported by + CV. + + Attributes: + description (str): + A description of the unsupported policy. + """ + + description = proto.Field( + proto.STRING, + number=1, + ) + + pod_event = proto.Field( + proto.MESSAGE, + number=1, + oneof='event_type', + message=ContinuousValidationPodEvent, + ) + unsupported_policy_event = proto.Field( + proto.MESSAGE, + number=2, + oneof='event_type', + message=UnsupportedPolicyEvent, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py new file mode 100644 index 0000000..1d974e8 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -0,0 +1,461 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedDrydockNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + Binary Authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` + kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. ``test-ns:default`` + istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-istio-service-identity admission rules. Istio + service identity spec format: + ``spiffe:///ns//sa/`` or + ``/ns//sa/`` e.g. + ``spiffe://example.com/ns/test-ns/sa/default`` + default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + as a wildcard, but this is allowed only in text after the + ``registry/`` part. ``*`` wildcard does not match ``/``, + i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but + it does not match ``gcr.io/nginx/image``. This also supports + a trailing ``**`` wildcard which matches subdirectories, + i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. + """ + + name_pattern = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] + specifies either that all container images used in a pod creation + request must be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that + all pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (Sequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + that attests to container image artifacts. An existing attestor + cannot be modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): + A Drydock ATTESTATION_AUTHORITY Note, created by the user. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + description = proto.Field( + proto.STRING, + number=6, + ) + user_owned_drydock_note = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedDrydockNote', + ) + update_time = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedDrydockNote(proto.Message): + r"""An [user owned drydock + note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] + references a Drydock ATTESTATION_AUTHORITY Note created by the user. + + Attributes: + note_reference (str): + Required. The Drydock resource name of a + ATTESTATION_AUTHORITY Note, created by the user, in the + format: ``projects/*/notes/*`` (or the legacy + ``providers/*/notes/*``). This field may not be updated. + + An attestation by this attestor is stored as a Drydock + ATTESTATION_AUTHORITY Occurrence that names a container + image and that links to this Note. Drydock is an external + dependency. + public_keys (Sequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference = proto.Field( + proto.STRING, + number=1, + ) + public_keys = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] + that will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment = proto.Field( + proto.STRING, + number=1, + ) + id = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py new file mode 100644 index 0000000..8cd3dfd --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py @@ -0,0 +1,241 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import proto # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + """ + + policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + attestor_id = proto.Field( + proto.STRING, + number=2, + ) + attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent = proto.Field( + proto.STRING, + number=1, + ) + page_size = proto.Field( + proto.INT32, + number=2, + ) + page_token = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (Sequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name = proto.Field( + proto.STRING, + number=1, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1beta1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py new file mode 100644 index 0000000..b45044d --- /dev/null +++ b/owl-bot-staging/v1beta1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1beta1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py new file mode 100644 index 0000000..793b1ea --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py new file mode 100644 index 0000000..4de96ca --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py new file mode 100644 index 0000000..3aa680b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py new file mode 100644 index 0000000..7a0a694 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py new file mode 100644 index 0000000..d3affd0 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py new file mode 100644 index 0000000..b2fa796 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py new file mode 100644 index 0000000..99deaa5 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py new file mode 100644 index 0000000..ae48362 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py new file mode 100644 index 0000000..9373d89 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py new file mode 100644 index 0000000..24f6afc --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py new file mode 100644 index 0000000..463bb99 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py new file mode 100644 index 0000000..21ce41a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py new file mode 100644 index 0000000..2d3f605 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py new file mode 100644 index 0000000..85ba6b8 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py new file mode 100644 index 0000000..36a01b4 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py new file mode 100644 index 0000000..6b68d3b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json new file mode 100644 index 0000000..e73dca4 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json @@ -0,0 +1,1312 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1beta1", + "version": "v1beta1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", + "shortName": "SystemPolicyV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", + "shortName": "SystemPolicyV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json new file mode 100644 index 0000000..c59b49a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json @@ -0,0 +1,1313 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1beta1", + "version": "v1beta1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", + "shortName": "SystemPolicyV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", + "shortName": "SystemPolicyV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py new file mode 100644 index 0000000..e4d7076 --- /dev/null +++ b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py @@ -0,0 +1,183 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1beta1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt new file mode 100644 index 0000000..aca9f2d --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py new file mode 100644 index 0000000..e2b10aa --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_beta1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ) + +def test_binauthz_management_service_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py new file mode 100644 index 0000000..b1902f9 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_beta1_client_get_transport_class(): + transport = SystemPolicyV1Beta1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1Beta1GrpcTransport, + ) + +def test_system_policy_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_no_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_with_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) From df6691305a938f3a1641d092fb2f8555717f248f Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Wed, 9 Nov 2022 23:44:16 +0000 Subject: [PATCH 09/18] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20?= =?UTF-8?q?post-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- .../binaryauthorization/gapic_version.py | 2 +- owl-bot-staging/v1/.coveragerc | 17 - owl-bot-staging/v1/.flake8 | 33 - owl-bot-staging/v1/MANIFEST.in | 2 - owl-bot-staging/v1/README.rst | 49 - .../binauthz_management_service_v1.rst | 10 - .../docs/binaryauthorization_v1/services.rst | 8 - .../system_policy_v1.rst | 6 - .../v1/docs/binaryauthorization_v1/types.rst | 7 - .../validation_helper_v1.rst | 6 - owl-bot-staging/v1/docs/conf.py | 376 -- owl-bot-staging/v1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 71 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../cloud/binaryauthorization_v1/__init__.py | 72 - .../gapic_metadata.json | 141 - .../cloud/binaryauthorization_v1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1057 ------ .../binauthz_management_service_v1/client.py | 1225 ------- .../binauthz_management_service_v1/pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 465 --- .../transports/grpc_asyncio.py | 464 --- .../services/system_policy_v1/__init__.py | 22 - .../services/system_policy_v1/async_client.py | 308 -- .../services/system_policy_v1/client.py | 509 --- .../system_policy_v1/transports/__init__.py | 33 - .../system_policy_v1/transports/base.py | 155 - .../system_policy_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../services/validation_helper_v1/__init__.py | 22 - .../validation_helper_v1/async_client.py | 285 -- .../services/validation_helper_v1/client.py | 478 --- .../transports/__init__.py | 33 - .../validation_helper_v1/transports/base.py | 154 - .../validation_helper_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../binaryauthorization_v1/types/__init__.py | 58 - .../binaryauthorization_v1/types/resources.py | 461 --- .../binaryauthorization_v1/types/service.py | 317 -- owl-bot-staging/v1/mypy.ini | 3 - owl-bot-staging/v1/noxfile.py | 179 - ...gement_service_v1_create_attestor_async.py | 58 - ...agement_service_v1_create_attestor_sync.py | 58 - ...gement_service_v1_delete_attestor_async.py | 50 - ...agement_service_v1_delete_attestor_sync.py | 50 - ...anagement_service_v1_get_attestor_async.py | 52 - ...management_service_v1_get_attestor_sync.py | 52 - ..._management_service_v1_get_policy_async.py | 52 - ...z_management_service_v1_get_policy_sync.py | 52 - ...agement_service_v1_list_attestors_async.py | 53 - ...nagement_service_v1_list_attestors_sync.py | 53 - ...gement_service_v1_update_attestor_async.py | 56 - ...agement_service_v1_update_attestor_sync.py | 56 - ...nagement_service_v1_update_policy_async.py | 56 - ...anagement_service_v1_update_policy_sync.py | 56 - ...ystem_policy_v1_get_system_policy_async.py | 52 - ...system_policy_v1_get_system_policy_sync.py | 52 - ...1_validate_attestation_occurrence_async.py | 54 - ...v1_validate_attestation_occurrence_sync.py | 54 - ...ippet_metadata_binaryauthorization_v1.json | 1465 -------- .../fixup_binaryauthorization_v1_keywords.py | 184 - owl-bot-staging/v1/setup.py | 90 - .../v1/testing/constraints-3.10.txt | 6 - .../v1/testing/constraints-3.11.txt | 6 - .../v1/testing/constraints-3.7.txt | 11 - .../v1/testing/constraints-3.8.txt | 6 - .../v1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1/tests/__init__.py | 16 - owl-bot-staging/v1/tests/unit/__init__.py | 16 - .../v1/tests/unit/gapic/__init__.py | 16 - .../gapic/binaryauthorization_v1/__init__.py | 16 - .../test_binauthz_management_service_v1.py | 3039 ----------------- .../test_system_policy_v1.py | 1396 -------- .../test_validation_helper_v1.py | 1293 ------- owl-bot-staging/v1beta1/.coveragerc | 17 - owl-bot-staging/v1beta1/.flake8 | 33 - owl-bot-staging/v1beta1/MANIFEST.in | 2 - owl-bot-staging/v1beta1/README.rst | 49 - .../binauthz_management_service_v1_beta1.rst | 10 - .../binaryauthorization_v1beta1/services.rst | 7 - .../system_policy_v1_beta1.rst | 6 - .../binaryauthorization_v1beta1/types.rst | 7 - owl-bot-staging/v1beta1/docs/conf.py | 376 -- owl-bot-staging/v1beta1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 65 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../binaryauthorization_v1beta1/__init__.py | 66 - .../gapic_metadata.json | 117 - .../binaryauthorization_v1beta1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1063 ------ .../client.py | 1231 ------- .../pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 469 --- .../transports/grpc_asyncio.py | 468 --- .../system_policy_v1_beta1/__init__.py | 22 - .../system_policy_v1_beta1/async_client.py | 309 -- .../services/system_policy_v1_beta1/client.py | 510 --- .../transports/__init__.py | 33 - .../system_policy_v1_beta1/transports/base.py | 155 - .../system_policy_v1_beta1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../types/__init__.py | 58 - .../types/continuous_validation_logging.py | 161 - .../types/resources.py | 461 --- .../types/service.py | 241 -- owl-bot-staging/v1beta1/mypy.ini | 3 - owl-bot-staging/v1beta1/noxfile.py | 179 - ..._service_v1_beta1_create_attestor_async.py | 58 - ...t_service_v1_beta1_create_attestor_sync.py | 58 - ..._service_v1_beta1_delete_attestor_async.py | 50 - ...t_service_v1_beta1_delete_attestor_sync.py | 50 - ...ent_service_v1_beta1_get_attestor_async.py | 52 - ...ment_service_v1_beta1_get_attestor_sync.py | 52 - ...ement_service_v1_beta1_get_policy_async.py | 52 - ...gement_service_v1_beta1_get_policy_sync.py | 52 - ...t_service_v1_beta1_list_attestors_async.py | 53 - ...nt_service_v1_beta1_list_attestors_sync.py | 53 - ..._service_v1_beta1_update_attestor_async.py | 56 - ...t_service_v1_beta1_update_attestor_sync.py | 56 - ...nt_service_v1_beta1_update_policy_async.py | 56 - ...ent_service_v1_beta1_update_policy_sync.py | 56 - ...policy_v1_beta1_get_system_policy_async.py | 52 - ..._policy_v1_beta1_get_system_policy_sync.py | 52 - ..._metadata_binaryauthorization_v1beta1.json | 1312 ------- ...up_binaryauthorization_v1beta1_keywords.py | 183 - owl-bot-staging/v1beta1/setup.py | 90 - .../v1beta1/testing/constraints-3.10.txt | 6 - .../v1beta1/testing/constraints-3.11.txt | 6 - .../v1beta1/testing/constraints-3.7.txt | 11 - .../v1beta1/testing/constraints-3.8.txt | 6 - .../v1beta1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1beta1/tests/__init__.py | 16 - .../v1beta1/tests/unit/__init__.py | 16 - .../v1beta1/tests/unit/gapic/__init__.py | 16 - .../binaryauthorization_v1beta1/__init__.py | 16 - ...st_binauthz_management_service_v1_beta1.py | 3039 ----------------- .../test_system_policy_v1_beta1.py | 1396 -------- ...a_google.cloud.binaryauthorization.v1.json | 0 ...gle.cloud.binaryauthorization.v1beta1.json | 0 149 files changed, 1 insertion(+), 31285 deletions(-) delete mode 100644 owl-bot-staging/v1/.coveragerc delete mode 100644 owl-bot-staging/v1/.flake8 delete mode 100644 owl-bot-staging/v1/MANIFEST.in delete mode 100644 owl-bot-staging/v1/README.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst delete mode 100644 owl-bot-staging/v1/docs/conf.py delete mode 100644 owl-bot-staging/v1/docs/index.rst delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py delete mode 100644 owl-bot-staging/v1/mypy.ini delete mode 100644 owl-bot-staging/v1/noxfile.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json delete mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py delete mode 100644 owl-bot-staging/v1/setup.py delete mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1/tests/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py delete mode 100644 owl-bot-staging/v1beta1/.coveragerc delete mode 100644 owl-bot-staging/v1beta1/.flake8 delete mode 100644 owl-bot-staging/v1beta1/MANIFEST.in delete mode 100644 owl-bot-staging/v1beta1/README.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst delete mode 100644 owl-bot-staging/v1beta1/docs/conf.py delete mode 100644 owl-bot-staging/v1beta1/docs/index.rst delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py delete mode 100644 owl-bot-staging/v1beta1/mypy.ini delete mode 100644 owl-bot-staging/v1beta1/noxfile.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json delete mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py delete mode 100644 owl-bot-staging/v1beta1/setup.py delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1beta1/tests/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py rename {owl-bot-staging/v1/samples => samples}/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json (100%) rename {owl-bot-staging/v1beta1/samples => samples}/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json (100%) diff --git a/google/cloud/binaryauthorization/gapic_version.py b/google/cloud/binaryauthorization/gapic_version.py index e370372..35859c3 100644 --- a/google/cloud/binaryauthorization/gapic_version.py +++ b/google/cloud/binaryauthorization/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.3.3" # {x-release-please-version} +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in deleted file mode 100644 index 25c03c6..0000000 --- a/owl-bot-staging/v1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst deleted file mode 100644 index 1d11618..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1 ---------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst deleted file mode 100644 index d8423c9..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst +++ /dev/null @@ -1,8 +0,0 @@ -Services for Google Cloud Binaryauthorization v1 API -==================================================== -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1 - system_policy_v1 - validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst deleted file mode 100644 index da7e2d4..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1 --------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst deleted file mode 100644 index f693b22..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst +++ /dev/null @@ -1,7 +0,0 @@ -Types for Google Cloud Binaryauthorization v1 API -================================================= - -.. automodule:: google.cloud.binaryauthorization_v1.types - :members: - :undoc-members: - :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst deleted file mode 100644 index 5d92ddc..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -ValidationHelperV1 ------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst deleted file mode 100644 index 5c33d39..0000000 --- a/owl-bot-staging/v1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1/services - binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index cd87c27..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,71 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient - -from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1.types.resources import Attestor -from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1.types.resources import Policy -from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote -from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse - -__all__ = ('BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py deleted file mode 100644 index 4a0253e..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,72 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from .services.system_policy_v1 import SystemPolicyV1Client -from .services.system_policy_v1 import SystemPolicyV1AsyncClient -from .services.validation_helper_v1 import ValidationHelperV1Client -from .services.validation_helper_v1 import ValidationHelperV1AsyncClient - -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedGrafeasNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest -from .types.service import ValidateAttestationOccurrenceRequest -from .types.service import ValidateAttestationOccurrenceResponse - -__all__ = ( - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Client', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedGrafeasNote', -'ValidateAttestationOccurrenceRequest', -'ValidateAttestationOccurrenceResponse', -'ValidationHelperV1Client', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json deleted file mode 100644 index 1d349e7..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json +++ /dev/null @@ -1,141 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1", - "protoPackage": "google.cloud.binaryauthorization.v1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - }, - "ValidationHelperV1": { - "clients": { - "grpc": { - "libraryClient": "ValidationHelperV1Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - }, - "grpc-async": { - "libraryClient": "ValidationHelperV1AsyncClient", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py deleted file mode 100644 index eb79aec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Client -from .async_client import BinauthzManagementServiceV1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py deleted file mode 100644 index 1b08a59..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py +++ /dev/null @@ -1,1057 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Client - - -class BinauthzManagementServiceV1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - _client: BinauthzManagementServiceV1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py deleted file mode 100644 index 077a95c..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ /dev/null @@ -1,1225 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[BinauthzManagementServiceV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Transport): - # transport is a BinauthzManagementServiceV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py deleted file mode 100644 index 2c7aa53..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py deleted file mode 100644 index 7ab66d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Transport -from .grpc import BinauthzManagementServiceV1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Transport', - 'BinauthzManagementServiceV1GrpcTransport', - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py deleted file mode 100644 index b9b7fe3..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py deleted file mode 100644 index 0ee1346..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py +++ /dev/null @@ -1,465 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): - """gRPC backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py deleted file mode 100644 index f6be296..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,464 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1GrpcTransport - - -class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py deleted file mode 100644 index 61a11e8..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Client -from .async_client import SystemPolicyV1AsyncClient - -__all__ = ( - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py deleted file mode 100644 index 2eb5323..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py +++ /dev/null @@ -1,308 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport -from .client import SystemPolicyV1Client - - -class SystemPolicyV1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py deleted file mode 100644 index 0077daf..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ /dev/null @@ -1,509 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -class SystemPolicyV1ClientMeta(type): - """Metaclass for the SystemPolicyV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] - _transport_registry["grpc"] = SystemPolicyV1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[SystemPolicyV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Transport): - # transport is a SystemPolicyV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py deleted file mode 100644 index feea8d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Transport -from .grpc import SystemPolicyV1GrpcTransport -from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] -_transport_registry['grpc'] = SystemPolicyV1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Transport', - 'SystemPolicyV1GrpcTransport', - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py deleted file mode 100644 index 2421893..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py deleted file mode 100644 index 91578cd..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): - """gRPC backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py deleted file mode 100644 index 893ef80..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1GrpcTransport - - -class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py deleted file mode 100644 index 5a441c1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import ValidationHelperV1Client -from .async_client import ValidationHelperV1AsyncClient - -__all__ = ( - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py deleted file mode 100644 index 45a238c..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py +++ /dev/null @@ -1,285 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport -from .client import ValidationHelperV1Client - - -class ValidationHelperV1AsyncClient: - """BinAuthz Attestor verification""" - - _client: ValidationHelperV1Client - - DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT - - common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) - parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) - common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) - parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) - common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) - parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) - common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) - parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = ValidationHelperV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def validate_attestation_occurrence(self, - request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.validate_attestation_occurrence, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py deleted file mode 100644 index 0c635d1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ /dev/null @@ -1,478 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import ValidationHelperV1GrpcTransport -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -class ValidationHelperV1ClientMeta(type): - """Metaclass for the ValidationHelperV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] - _transport_registry["grpc"] = ValidationHelperV1GrpcTransport - _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[ValidationHelperV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): - """BinAuthz Attestor verification""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, ValidationHelperV1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, ValidationHelperV1Transport): - # transport is a ValidationHelperV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def validate_attestation_occurrence(self, - request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - # Minor optimization to avoid making a copy if the user passes - # in a service.ValidateAttestationOccurrenceRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ValidateAttestationOccurrenceRequest): - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py deleted file mode 100644 index 09986f1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import ValidationHelperV1Transport -from .grpc import ValidationHelperV1GrpcTransport -from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] -_transport_registry['grpc'] = ValidationHelperV1GrpcTransport -_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport - -__all__ = ( - 'ValidationHelperV1Transport', - 'ValidationHelperV1GrpcTransport', - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py deleted file mode 100644 index afce65a..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py +++ /dev/null @@ -1,154 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class ValidationHelperV1Transport(abc.ABC): - """Abstract transport class for ValidationHelperV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.validate_attestation_occurrence: gapic_v1.method.wrap_method( - self.validate_attestation_occurrence, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Union[ - service.ValidateAttestationOccurrenceResponse, - Awaitable[service.ValidateAttestationOccurrenceResponse] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'ValidationHelperV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py deleted file mode 100644 index 1e208d8..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO - - -class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): - """gRPC backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - service.ValidateAttestationOccurrenceResponse]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - ~.ValidateAttestationOccurrenceResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'ValidationHelperV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py deleted file mode 100644 index 8e3266d..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .grpc import ValidationHelperV1GrpcTransport - - -class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): - """gRPC AsyncIO backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Awaitable[service.ValidateAttestationOccurrenceResponse]]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - Awaitable[~.ValidateAttestationOccurrenceResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py deleted file mode 100644 index cddd9b9..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedGrafeasNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, - ValidateAttestationOccurrenceRequest, - ValidateAttestationOccurrenceResponse, -) - -__all__ = ( - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py deleted file mode 100644 index 249e783..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py +++ /dev/null @@ -1,461 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedGrafeasNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container - image binary authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: [a-z.-]+, e.g. 'some-namespace' - kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. 'test-ns:default' - istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-istio-service-identity - admission rules. Istio service identity spec - format: - spiffe:///ns//sa/ - or /ns//sa/ - e.g. spiffe://example.com/ns/test-ns/sa/default - default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - wildcard, but this is allowed only in text after the - ``registry/`` part. This also supports a trailing ``**`` - wildcard which matches subdirectories of a given entry. - """ - - name_pattern = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies - either that all container images used in a pod creation request must - be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1.Attestor], that all - pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (Sequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that - attests to container image artifacts. An existing attestor cannot be - modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): - This specifies how an attestation will be - read, and how it will be used during policy - enforcement. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - user_owned_grafeas_note = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedGrafeasNote', - ) - update_time = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedGrafeasNote(proto.Message): - r"""An [user owned Grafeas - note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] - references a Grafeas Attestation.Authority Note created by the user. - - Attributes: - note_reference (str): - Required. The Grafeas resource name of a - Attestation.Authority Note, created by the user, in the - format: ``projects/*/notes/*``. This field may not be - updated. - - An attestation by this attestor is stored as a Grafeas - Attestation.Authority Occurrence that names a container - image and that links to this Note. Grafeas is an external - dependency. - public_keys (Sequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference = proto.Field( - proto.STRING, - number=1, - ) - public_keys = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that - will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment = proto.Field( - proto.STRING, - number=1, - ) - id = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py deleted file mode 100644 index 146c289..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py +++ /dev/null @@ -1,317 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from grafeas.v1 import attestation_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] value. - The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] field - with the resource name in the request URL, in the format - ``projects/*/policy``. - """ - - policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - attestor_id = proto.Field( - proto.STRING, - number=2, - ) - attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] to - retrieve, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - page_size = proto.Field( - proto.INT32, - number=2, - ) - page_token = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (Sequence[google.cloud.binaryauthorization_v1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] to - delete, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class ValidateAttestationOccurrenceRequest(proto.Message): - r"""Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - attestor (str): - Required. The resource name of the - [Attestor][google.cloud.binaryauthorization.v1.Attestor] of - the [occurrence][grafeas.v1.Occurrence], in the format - ``projects/*/attestors/*``. - attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): - Required. An - [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to - be checked that it can be verified by the Attestor. It does - not have to be an existing entity in Container Analysis. It - must otherwise be a valid AttestationOccurrence. - occurrence_note (str): - Required. The resource name of the [Note][grafeas.v1.Note] - to which the containing [Occurrence][grafeas.v1.Occurrence] - is associated. - occurrence_resource_uri (str): - Required. The URI of the artifact (e.g. container image) - that is the subject of the containing - [Occurrence][grafeas.v1.Occurrence]. - """ - - attestor = proto.Field( - proto.STRING, - number=1, - ) - attestation = proto.Field( - proto.MESSAGE, - number=2, - message=attestation_pb2.AttestationOccurrence, - ) - occurrence_note = proto.Field( - proto.STRING, - number=3, - ) - occurrence_resource_uri = proto.Field( - proto.STRING, - number=4, - ) - - -class ValidateAttestationOccurrenceResponse(proto.Message): - r"""Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): - The result of the Attestation validation. - denial_reason (str): - The reason for denial if the Attestation - couldn't be validated. - """ - class Result(proto.Enum): - r"""The enum returned in the "result" field.""" - RESULT_UNSPECIFIED = 0 - VERIFIED = 1 - ATTESTATION_NOT_VERIFIABLE = 2 - - result = proto.Field( - proto.ENUM, - number=1, - enum=Result, - ) - denial_reason = proto.Field( - proto.STRING, - number=2, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py deleted file mode 100644 index 9dee1a0..0000000 --- a/owl-bot-staging/v1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py deleted file mode 100644 index 42f52bc..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py deleted file mode 100644 index e51ea8d..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py deleted file mode 100644 index 42c7afa..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py deleted file mode 100644 index e435188..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py deleted file mode 100644 index 61dbe83..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py deleted file mode 100644 index 7272538..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py deleted file mode 100644 index 287a39f..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py deleted file mode 100644 index 108d76c..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py deleted file mode 100644 index 2670d1a..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py deleted file mode 100644 index d7eecc9..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py deleted file mode 100644 index 8f0bd69..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py deleted file mode 100644 index 38073e4..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py deleted file mode 100644 index 12fc571..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py deleted file mode 100644 index d1ce288..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py deleted file mode 100644 index 3458ff1..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py deleted file mode 100644 index 9d84367..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py deleted file mode 100644 index 248502b..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py deleted file mode 100644 index 44cb427..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json deleted file mode 100644 index 5e15984..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json +++ /dev/null @@ -1,1465 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", - "shortName": "SystemPolicyV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", - "shortName": "SystemPolicyV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", - "shortName": "ValidationHelperV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", - "shortName": "ValidationHelperV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py deleted file mode 100644 index 62deb91..0000000 --- a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py +++ /dev/null @@ -1,184 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt deleted file mode 100644 index aca9f2d..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.7.txt +++ /dev/null @@ -1,11 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py deleted file mode 100644 index d628bd1..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1GrpcTransport, - ) - -def test_binauthz_management_service_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py deleted file mode 100644 index 39f62c7..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1GrpcTransport, "grpc"), - (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_client_get_transport_class(): - transport = SystemPolicyV1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Client, SystemPolicyV1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1GrpcTransport, - ) - -def test_system_policy_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_no_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_with_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py deleted file mode 100644 index 837321c..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py +++ /dev/null @@ -1,1293 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from grafeas.v1 import attestation_pb2 # type: ignore -from grafeas.v1 import common_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.ValidationHelperV1GrpcTransport, "grpc"), - (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_validation_helper_v1_client_get_transport_class(): - transport = ValidationHelperV1Client.get_transport_class() - available_transports = [ - transports.ValidationHelperV1GrpcTransport, - ] - assert transport in available_transports - - transport = ValidationHelperV1Client.get_transport_class("grpc") - assert transport == transports.ValidationHelperV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - ValidationHelperV1Client, ValidationHelperV1AsyncClient -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_validation_helper_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = ValidationHelperV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.ValidateAttestationOccurrenceRequest, - dict, -]) -def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - ) - response = client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -def test_validate_attestation_occurrence_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - client.validate_attestation_occurrence() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - )) - response = await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async_from_dict(): - await test_validate_attestation_occurrence_async(request_type=dict) - - -def test_validate_attestation_occurrence_field_headers(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = service.ValidateAttestationOccurrenceResponse() - client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_field_headers_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) - await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = ValidationHelperV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = ValidationHelperV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.ValidationHelperV1GrpcTransport, - ) - -def test_validation_helper_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_validation_helper_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'validate_attestation_occurrence', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_validation_helper_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_validation_helper_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport() - adc.assert_called_once() - - -def test_validation_helper_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - ValidationHelperV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ValidationHelperV1GrpcTransport, grpc_helpers), - (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_no_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_with_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_validation_helper_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_validation_helper_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_common_billing_account_path(): - billing_account = "squid" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = ValidationHelperV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "clam", - } - path = ValidationHelperV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "whelk" - expected = "folders/{folder}".format(folder=folder, ) - actual = ValidationHelperV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "octopus", - } - path = ValidationHelperV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "oyster" - expected = "organizations/{organization}".format(organization=organization, ) - actual = ValidationHelperV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "nudibranch", - } - path = ValidationHelperV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "cuttlefish" - expected = "projects/{project}".format(project=project, ) - actual = ValidationHelperV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "mussel", - } - path = ValidationHelperV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "winkle" - location = "nautilus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = ValidationHelperV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "scallop", - "location": "abalone", - } - path = ValidationHelperV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - transport_class = ValidationHelperV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1beta1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1beta1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in deleted file mode 100644 index dcb06b9..0000000 --- a/owl-bot-staging/v1beta1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1beta1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst deleted file mode 100644 index 22016d0..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1Beta1 --------------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst deleted file mode 100644 index 0d0e455..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst +++ /dev/null @@ -1,7 +0,0 @@ -Services for Google Cloud Binaryauthorization v1beta1 API -========================================================= -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1_beta1 - system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst deleted file mode 100644 index 70a68bc..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1Beta1 -------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst deleted file mode 100644 index aa0d435..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst +++ /dev/null @@ -1,7 +0,0 @@ -Types for Google Cloud Binaryauthorization v1beta1 API -====================================================== - -.. automodule:: google.cloud.binaryauthorization_v1beta1.types - :members: - :undoc-members: - :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1beta1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst deleted file mode 100644 index 787a5eb..0000000 --- a/owl-bot-staging/v1beta1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1beta1/services - binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index ad30948..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,65 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient - -from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor -from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import Policy -from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote -from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest - -__all__ = ('BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 39fdf61..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,66 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient - -from .types.continuous_validation_logging import ContinuousValidationEvent -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedDrydockNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest - -__all__ = ( - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Beta1Client', -'ContinuousValidationEvent', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Beta1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedDrydockNote', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json deleted file mode 100644 index 65f5f50..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json +++ /dev/null @@ -1,117 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1beta1", - "protoPackage": "google.cloud.binaryauthorization.v1beta1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Beta1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Beta1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1Beta1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py deleted file mode 100644 index c00aba6..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Beta1Client -from .async_client import BinauthzManagementServiceV1Beta1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py deleted file mode 100644 index 7eded62..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py +++ /dev/null @@ -1,1063 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Beta1Client - - -class BinauthzManagementServiceV1Beta1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - _client: BinauthzManagementServiceV1Beta1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py deleted file mode 100644 index 7ab0540..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ /dev/null @@ -1,1231 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1Beta1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[BinauthzManagementServiceV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): - # transport is a BinauthzManagementServiceV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Union[service.GetPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Union[service.UpdatePolicyRequest, dict] = None, - *, - policy: resources.Policy = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Union[service.CreateAttestorRequest, dict] = None, - *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Union[service.GetAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Union[service.UpdateAttestorRequest, dict] = None, - *, - attestor: resources.Attestor = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Union[service.ListAttestorsRequest, dict] = None, - *, - parent: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Union[service.DeleteAttestorRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py deleted file mode 100644 index 3d12ffa..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py deleted file mode 100644 index 207eade..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Beta1Transport -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', - 'BinauthzManagementServiceV1Beta1GrpcTransport', - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py deleted file mode 100644 index 460f97b..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Beta1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py deleted file mode 100644 index e34903a..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,469 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index c611740..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,468 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport - - -class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py deleted file mode 100644 index 3fc064c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Beta1Client -from .async_client import SystemPolicyV1Beta1AsyncClient - -__all__ = ( - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py deleted file mode 100644 index d8ec68d..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py +++ /dev/null @@ -1,309 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport -from .client import SystemPolicyV1Beta1Client - - -class SystemPolicyV1Beta1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Beta1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) - - def __init__(self, *, - credentials: ga_credentials.Credentials = None, - transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py deleted file mode 100644 index 544d61b..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ /dev/null @@ -1,510 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1Beta1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -class SystemPolicyV1Beta1ClientMeta(type): - """Metaclass for the SystemPolicyV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] - _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: str = None, - ) -> Type[SystemPolicyV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Beta1Transport, None] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Beta1Transport): - # transport is a SystemPolicyV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Union[service.GetSystemPolicyRequest, dict] = None, - *, - name: str = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py deleted file mode 100644 index 2afe7f8..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Beta1Transport -from .grpc import SystemPolicyV1Beta1GrpcTransport -from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] -_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Beta1Transport', - 'SystemPolicyV1Beta1GrpcTransport', - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py deleted file mode 100644 index d4dbc15..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Beta1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py deleted file mode 100644 index 87d6095..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): - """gRPC backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index 4e9d5e7..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1Beta1GrpcTransport - - -class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: ga_credentials.Credentials = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py deleted file mode 100644 index 289c81c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .continuous_validation_logging import ( - ContinuousValidationEvent, -) -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedDrydockNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, -) - -__all__ = ( - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py deleted file mode 100644 index 7b4eb1c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ /dev/null @@ -1,161 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'ContinuousValidationEvent', - }, -) - - -class ContinuousValidationEvent(proto.Message): - r"""Represents an auditing event from Continuous Validation. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): - Pod event. - - This field is a member of `oneof`_ ``event_type``. - unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): - Unsupported policy event. - - This field is a member of `oneof`_ ``event_type``. - """ - - class ContinuousValidationPodEvent(proto.Message): - r"""An auditing event for one Pod. - - Attributes: - pod_namespace (str): - The k8s namespace of the Pod. - pod (str): - The name of the Pod. - deploy_time (google.protobuf.timestamp_pb2.Timestamp): - Deploy time of the Pod from k8s. - end_time (google.protobuf.timestamp_pb2.Timestamp): - Termination time of the Pod from k8s, or - nothing if still running. - verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): - Auditing verdict for this Pod. - images (Sequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): - List of images with auditing details. - """ - class PolicyConformanceVerdict(proto.Enum): - r"""Audit time policy conformance verdict.""" - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 - VIOLATES_POLICY = 1 - - class ImageDetails(proto.Message): - r"""Container image with auditing details. - - Attributes: - image (str): - The name of the image. - result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): - The result of the audit for this image. - description (str): - Description of the above result. - """ - class AuditResult(proto.Enum): - r"""Result of the audit.""" - AUDIT_RESULT_UNSPECIFIED = 0 - ALLOW = 1 - DENY = 2 - - image = proto.Field( - proto.STRING, - number=1, - ) - result = proto.Field( - proto.ENUM, - number=2, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', - ) - description = proto.Field( - proto.STRING, - number=3, - ) - - pod_namespace = proto.Field( - proto.STRING, - number=7, - ) - pod = proto.Field( - proto.STRING, - number=1, - ) - deploy_time = proto.Field( - proto.MESSAGE, - number=2, - message=timestamp_pb2.Timestamp, - ) - end_time = proto.Field( - proto.MESSAGE, - number=3, - message=timestamp_pb2.Timestamp, - ) - verdict = proto.Field( - proto.ENUM, - number=4, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', - ) - images = proto.RepeatedField( - proto.MESSAGE, - number=5, - message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', - ) - - class UnsupportedPolicyEvent(proto.Message): - r"""An event describing that the project policy is unsupported by - CV. - - Attributes: - description (str): - A description of the unsupported policy. - """ - - description = proto.Field( - proto.STRING, - number=1, - ) - - pod_event = proto.Field( - proto.MESSAGE, - number=1, - oneof='event_type', - message=ContinuousValidationPodEvent, - ) - unsupported_policy_event = proto.Field( - proto.MESSAGE, - number=2, - oneof='event_type', - message=UnsupportedPolicyEvent, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py deleted file mode 100644 index 1d974e8..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ /dev/null @@ -1,461 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedDrydockNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - Binary Authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` - kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. ``test-ns:default`` - istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-istio-service-identity admission rules. Istio - service identity spec format: - ``spiffe:///ns//sa/`` or - ``/ns//sa/`` e.g. - ``spiffe://example.com/ns/test-ns/sa/default`` - default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - as a wildcard, but this is allowed only in text after the - ``registry/`` part. ``*`` wildcard does not match ``/``, - i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but - it does not match ``gcr.io/nginx/image``. This also supports - a trailing ``**`` wildcard which matches subdirectories, - i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. - """ - - name_pattern = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] - specifies either that all container images used in a pod creation - request must be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that - all pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (Sequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - that attests to container image artifacts. An existing attestor - cannot be modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): - A Drydock ATTESTATION_AUTHORITY Note, created by the user. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - description = proto.Field( - proto.STRING, - number=6, - ) - user_owned_drydock_note = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedDrydockNote', - ) - update_time = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedDrydockNote(proto.Message): - r"""An [user owned drydock - note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] - references a Drydock ATTESTATION_AUTHORITY Note created by the user. - - Attributes: - note_reference (str): - Required. The Drydock resource name of a - ATTESTATION_AUTHORITY Note, created by the user, in the - format: ``projects/*/notes/*`` (or the legacy - ``providers/*/notes/*``). This field may not be updated. - - An attestation by this attestor is stored as a Drydock - ATTESTATION_AUTHORITY Occurrence that names a container - image and that links to this Note. Drydock is an external - dependency. - public_keys (Sequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference = proto.Field( - proto.STRING, - number=1, - ) - public_keys = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] - that will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment = proto.Field( - proto.STRING, - number=1, - ) - id = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py deleted file mode 100644 index 8cd3dfd..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py +++ /dev/null @@ -1,241 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import proto # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - """ - - policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - attestor_id = proto.Field( - proto.STRING, - number=2, - ) - attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent = proto.Field( - proto.STRING, - number=1, - ) - page_size = proto.Field( - proto.INT32, - number=2, - ) - page_token = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (Sequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name = proto.Field( - proto.STRING, - number=1, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1beta1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py deleted file mode 100644 index b45044d..0000000 --- a/owl-bot-staging/v1beta1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1beta1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py deleted file mode 100644 index 793b1ea..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py deleted file mode 100644 index 4de96ca..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py deleted file mode 100644 index 3aa680b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py deleted file mode 100644 index 7a0a694..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py deleted file mode 100644 index d3affd0..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py deleted file mode 100644 index b2fa796..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py deleted file mode 100644 index 99deaa5..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py deleted file mode 100644 index ae48362..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py deleted file mode 100644 index 9373d89..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py deleted file mode 100644 index 24f6afc..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py deleted file mode 100644 index 463bb99..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py deleted file mode 100644 index 21ce41a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py deleted file mode 100644 index 2d3f605..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py deleted file mode 100644 index 85ba6b8..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py deleted file mode 100644 index 36a01b4..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py deleted file mode 100644 index 6b68d3b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json deleted file mode 100644 index e73dca4..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json +++ /dev/null @@ -1,1312 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1beta1", - "version": "v1beta1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", - "shortName": "SystemPolicyV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", - "shortName": "SystemPolicyV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py deleted file mode 100644 index e4d7076..0000000 --- a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py +++ /dev/null @@ -1,183 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1beta1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt deleted file mode 100644 index aca9f2d..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt +++ /dev/null @@ -1,11 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py deleted file mode 100644 index e2b10aa..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_beta1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ) - -def test_binauthz_management_service_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py deleted file mode 100644 index b1902f9..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_beta1_client_get_transport_class(): - transport = SystemPolicyV1Beta1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1Beta1GrpcTransport, - ) - -def test_system_policy_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_no_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_with_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json similarity index 100% rename from owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json rename to samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json similarity index 100% rename from owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json rename to samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json From f5c449b0db7db28ced005054a4c1ced67ab393be Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Thu, 10 Nov 2022 15:14:57 +0000 Subject: [PATCH 10/18] feat: new APIs added to reflect updates to the filestore service - Add ENTERPRISE Tier - Add snapshot APIs: RevertInstance, ListSnapshots, CreateSnapshot, DeleteSnapshot, UpdateSnapshot - Add multi-share APIs: ListShares, GetShare, CreateShare, DeleteShare, UpdateShare - Add ConnectMode to NetworkConfig (for Private Service Access support) - New status codes (SUSPENDED/SUSPENDING, REVERTING/RESUMING) - Add SuspensionReason (for KMS related suspension) - Add new fields to Instance information: max_capacity_gb, capacity_step_size_gb, max_share_count, capacity_gb, multi_share_enabled PiperOrigin-RevId: 487492758 Source-Link: https://github.com/googleapis/googleapis/commit/5be5981f50322cf0c7388595e0f31ac5d0693469 Source-Link: https://github.com/googleapis/googleapis-gen/commit/ab0e217f560cc2c1afc11441c2eab6b6950efd2b Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiYWIwZTIxN2Y1NjBjYzJjMWFmYzExNDQxYzJlYWI2YjY5NTBlZmQyYiJ9 --- owl-bot-staging/v1/.coveragerc | 17 + owl-bot-staging/v1/.flake8 | 33 + owl-bot-staging/v1/MANIFEST.in | 2 + owl-bot-staging/v1/README.rst | 49 + .../binauthz_management_service_v1.rst | 10 + .../docs/binaryauthorization_v1/services.rst | 8 + .../system_policy_v1.rst | 6 + .../v1/docs/binaryauthorization_v1/types.rst | 7 + .../validation_helper_v1.rst | 6 + owl-bot-staging/v1/docs/conf.py | 376 ++ owl-bot-staging/v1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 71 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../cloud/binaryauthorization_v1/__init__.py | 72 + .../gapic_metadata.json | 141 + .../cloud/binaryauthorization_v1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1057 ++++++ .../binauthz_management_service_v1/client.py | 1225 +++++++ .../binauthz_management_service_v1/pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 465 +++ .../transports/grpc_asyncio.py | 464 +++ .../services/system_policy_v1/__init__.py | 22 + .../services/system_policy_v1/async_client.py | 308 ++ .../services/system_policy_v1/client.py | 509 +++ .../system_policy_v1/transports/__init__.py | 33 + .../system_policy_v1/transports/base.py | 155 + .../system_policy_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../services/validation_helper_v1/__init__.py | 22 + .../validation_helper_v1/async_client.py | 285 ++ .../services/validation_helper_v1/client.py | 478 +++ .../transports/__init__.py | 33 + .../validation_helper_v1/transports/base.py | 154 + .../validation_helper_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../binaryauthorization_v1/types/__init__.py | 58 + .../binaryauthorization_v1/types/resources.py | 463 +++ .../binaryauthorization_v1/types/service.py | 319 ++ owl-bot-staging/v1/mypy.ini | 3 + owl-bot-staging/v1/noxfile.py | 179 + ...gement_service_v1_create_attestor_async.py | 58 + ...agement_service_v1_create_attestor_sync.py | 58 + ...gement_service_v1_delete_attestor_async.py | 50 + ...agement_service_v1_delete_attestor_sync.py | 50 + ...anagement_service_v1_get_attestor_async.py | 52 + ...management_service_v1_get_attestor_sync.py | 52 + ..._management_service_v1_get_policy_async.py | 52 + ...z_management_service_v1_get_policy_sync.py | 52 + ...agement_service_v1_list_attestors_async.py | 53 + ...nagement_service_v1_list_attestors_sync.py | 53 + ...gement_service_v1_update_attestor_async.py | 56 + ...agement_service_v1_update_attestor_sync.py | 56 + ...nagement_service_v1_update_policy_async.py | 56 + ...anagement_service_v1_update_policy_sync.py | 56 + ...ystem_policy_v1_get_system_policy_async.py | 52 + ...system_policy_v1_get_system_policy_sync.py | 52 + ...1_validate_attestation_occurrence_async.py | 54 + ...v1_validate_attestation_occurrence_sync.py | 54 + ...a_google.cloud.binaryauthorization.v1.json | 1466 ++++++++ .../fixup_binaryauthorization_v1_keywords.py | 184 + owl-bot-staging/v1/setup.py | 90 + .../v1/testing/constraints-3.10.txt | 6 + .../v1/testing/constraints-3.11.txt | 6 + .../v1/testing/constraints-3.7.txt | 11 + .../v1/testing/constraints-3.8.txt | 6 + .../v1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1/tests/__init__.py | 16 + owl-bot-staging/v1/tests/unit/__init__.py | 16 + .../v1/tests/unit/gapic/__init__.py | 16 + .../gapic/binaryauthorization_v1/__init__.py | 16 + .../test_binauthz_management_service_v1.py | 3039 +++++++++++++++++ .../test_system_policy_v1.py | 1396 ++++++++ .../test_validation_helper_v1.py | 1293 +++++++ owl-bot-staging/v1beta1/.coveragerc | 17 + owl-bot-staging/v1beta1/.flake8 | 33 + owl-bot-staging/v1beta1/MANIFEST.in | 2 + owl-bot-staging/v1beta1/README.rst | 49 + .../binauthz_management_service_v1_beta1.rst | 10 + .../binaryauthorization_v1beta1/services.rst | 7 + .../system_policy_v1_beta1.rst | 6 + .../binaryauthorization_v1beta1/types.rst | 7 + owl-bot-staging/v1beta1/docs/conf.py | 376 ++ owl-bot-staging/v1beta1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 65 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../binaryauthorization_v1beta1/__init__.py | 66 + .../gapic_metadata.json | 117 + .../binaryauthorization_v1beta1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1063 ++++++ .../client.py | 1231 +++++++ .../pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 469 +++ .../transports/grpc_asyncio.py | 468 +++ .../system_policy_v1_beta1/__init__.py | 22 + .../system_policy_v1_beta1/async_client.py | 309 ++ .../services/system_policy_v1_beta1/client.py | 510 +++ .../transports/__init__.py | 33 + .../system_policy_v1_beta1/transports/base.py | 155 + .../system_policy_v1_beta1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../types/__init__.py | 58 + .../types/continuous_validation_logging.py | 163 + .../types/resources.py | 463 +++ .../types/service.py | 243 ++ owl-bot-staging/v1beta1/mypy.ini | 3 + owl-bot-staging/v1beta1/noxfile.py | 179 + ..._service_v1_beta1_create_attestor_async.py | 58 + ...t_service_v1_beta1_create_attestor_sync.py | 58 + ..._service_v1_beta1_delete_attestor_async.py | 50 + ...t_service_v1_beta1_delete_attestor_sync.py | 50 + ...ent_service_v1_beta1_get_attestor_async.py | 52 + ...ment_service_v1_beta1_get_attestor_sync.py | 52 + ...ement_service_v1_beta1_get_policy_async.py | 52 + ...gement_service_v1_beta1_get_policy_sync.py | 52 + ...t_service_v1_beta1_list_attestors_async.py | 53 + ...nt_service_v1_beta1_list_attestors_sync.py | 53 + ..._service_v1_beta1_update_attestor_async.py | 56 + ...t_service_v1_beta1_update_attestor_sync.py | 56 + ...nt_service_v1_beta1_update_policy_async.py | 56 + ...ent_service_v1_beta1_update_policy_sync.py | 56 + ...policy_v1_beta1_get_system_policy_async.py | 52 + ..._policy_v1_beta1_get_system_policy_sync.py | 52 + ...gle.cloud.binaryauthorization.v1beta1.json | 1313 +++++++ ...up_binaryauthorization_v1beta1_keywords.py | 183 + owl-bot-staging/v1beta1/setup.py | 90 + .../v1beta1/testing/constraints-3.10.txt | 6 + .../v1beta1/testing/constraints-3.11.txt | 6 + .../v1beta1/testing/constraints-3.7.txt | 11 + .../v1beta1/testing/constraints-3.8.txt | 6 + .../v1beta1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1beta1/tests/__init__.py | 16 + .../v1beta1/tests/unit/__init__.py | 16 + .../v1beta1/tests/unit/gapic/__init__.py | 16 + .../binaryauthorization_v1beta1/__init__.py | 16 + ...st_binauthz_management_service_v1_beta1.py | 3039 +++++++++++++++++ .../test_system_policy_v1_beta1.py | 1396 ++++++++ 146 files changed, 31296 insertions(+) create mode 100644 owl-bot-staging/v1/.coveragerc create mode 100644 owl-bot-staging/v1/.flake8 create mode 100644 owl-bot-staging/v1/MANIFEST.in create mode 100644 owl-bot-staging/v1/README.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst create mode 100644 owl-bot-staging/v1/docs/conf.py create mode 100644 owl-bot-staging/v1/docs/index.rst create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py create mode 100644 owl-bot-staging/v1/mypy.ini create mode 100644 owl-bot-staging/v1/noxfile.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json create mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py create mode 100644 owl-bot-staging/v1/setup.py create mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1/tests/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py create mode 100644 owl-bot-staging/v1beta1/.coveragerc create mode 100644 owl-bot-staging/v1beta1/.flake8 create mode 100644 owl-bot-staging/v1beta1/MANIFEST.in create mode 100644 owl-bot-staging/v1beta1/README.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst create mode 100644 owl-bot-staging/v1beta1/docs/conf.py create mode 100644 owl-bot-staging/v1beta1/docs/index.rst create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py create mode 100644 owl-bot-staging/v1beta1/mypy.ini create mode 100644 owl-bot-staging/v1beta1/noxfile.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json create mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py create mode 100644 owl-bot-staging/v1beta1/setup.py create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1beta1/tests/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in new file mode 100644 index 0000000..25c03c6 --- /dev/null +++ b/owl-bot-staging/v1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst new file mode 100644 index 0000000..1d11618 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1 +--------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst new file mode 100644 index 0000000..d8423c9 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst @@ -0,0 +1,8 @@ +Services for Google Cloud Binaryauthorization v1 API +==================================================== +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1 + system_policy_v1 + validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst new file mode 100644 index 0000000..da7e2d4 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1 +-------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst new file mode 100644 index 0000000..f693b22 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst @@ -0,0 +1,7 @@ +Types for Google Cloud Binaryauthorization v1 API +================================================= + +.. automodule:: google.cloud.binaryauthorization_v1.types + :members: + :undoc-members: + :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst new file mode 100644 index 0000000..5d92ddc --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst @@ -0,0 +1,6 @@ +ValidationHelperV1 +------------------------------------ + +.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst new file mode 100644 index 0000000..5c33d39 --- /dev/null +++ b/owl-bot-staging/v1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1/services + binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..cd87c27 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,71 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient + +from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1.types.resources import Attestor +from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1.types.resources import Policy +from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote +from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse + +__all__ = ('BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..4a0253e --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py @@ -0,0 +1,72 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from .services.system_policy_v1 import SystemPolicyV1Client +from .services.system_policy_v1 import SystemPolicyV1AsyncClient +from .services.validation_helper_v1 import ValidationHelperV1Client +from .services.validation_helper_v1 import ValidationHelperV1AsyncClient + +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedGrafeasNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest +from .types.service import ValidateAttestationOccurrenceRequest +from .types.service import ValidateAttestationOccurrenceResponse + +__all__ = ( + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Client', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedGrafeasNote', +'ValidateAttestationOccurrenceRequest', +'ValidateAttestationOccurrenceResponse', +'ValidationHelperV1Client', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json new file mode 100644 index 0000000..1d349e7 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json @@ -0,0 +1,141 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1", + "protoPackage": "google.cloud.binaryauthorization.v1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + }, + "ValidationHelperV1": { + "clients": { + "grpc": { + "libraryClient": "ValidationHelperV1Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + }, + "grpc-async": { + "libraryClient": "ValidationHelperV1AsyncClient", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py new file mode 100644 index 0000000..eb79aec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Client +from .async_client import BinauthzManagementServiceV1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py new file mode 100644 index 0000000..f528e30 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py @@ -0,0 +1,1057 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Client + + +class BinauthzManagementServiceV1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + _client: BinauthzManagementServiceV1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py new file mode 100644 index 0000000..0fbbe00 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -0,0 +1,1225 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[BinauthzManagementServiceV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, BinauthzManagementServiceV1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Transport): + # transport is a BinauthzManagementServiceV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py new file mode 100644 index 0000000..2c7aa53 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py new file mode 100644 index 0000000..7ab66d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Transport +from .grpc import BinauthzManagementServiceV1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Transport', + 'BinauthzManagementServiceV1GrpcTransport', + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py new file mode 100644 index 0000000..8b1f99d --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py new file mode 100644 index 0000000..d585f2d --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py @@ -0,0 +1,465 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): + """gRPC backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..4b785bf --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py @@ -0,0 +1,464 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1GrpcTransport + + +class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py new file mode 100644 index 0000000..61a11e8 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Client +from .async_client import SystemPolicyV1AsyncClient + +__all__ = ( + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py new file mode 100644 index 0000000..1d2b8ea --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py @@ -0,0 +1,308 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport +from .client import SystemPolicyV1Client + + +class SystemPolicyV1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py new file mode 100644 index 0000000..9eba291 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -0,0 +1,509 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +class SystemPolicyV1ClientMeta(type): + """Metaclass for the SystemPolicyV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] + _transport_registry["grpc"] = SystemPolicyV1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SystemPolicyV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SystemPolicyV1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Transport): + # transport is a SystemPolicyV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py new file mode 100644 index 0000000..feea8d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Transport +from .grpc import SystemPolicyV1GrpcTransport +from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] +_transport_registry['grpc'] = SystemPolicyV1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Transport', + 'SystemPolicyV1GrpcTransport', + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py new file mode 100644 index 0000000..ab3d729 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py new file mode 100644 index 0000000..61d64c9 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): + """gRPC backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..3a0e56c --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1GrpcTransport + + +class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py new file mode 100644 index 0000000..5a441c1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import ValidationHelperV1Client +from .async_client import ValidationHelperV1AsyncClient + +__all__ = ( + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py new file mode 100644 index 0000000..e6b4ad4 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py @@ -0,0 +1,285 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport +from .client import ValidationHelperV1Client + + +class ValidationHelperV1AsyncClient: + """BinAuthz Attestor verification""" + + _client: ValidationHelperV1Client + + DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT + + common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) + parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) + common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) + parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) + common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) + parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) + common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) + parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = ValidationHelperV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def validate_attestation_occurrence(self, + request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.validate_attestation_occurrence, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py new file mode 100644 index 0000000..d4d3744 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -0,0 +1,478 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import ValidationHelperV1GrpcTransport +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +class ValidationHelperV1ClientMeta(type): + """Metaclass for the ValidationHelperV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] + _transport_registry["grpc"] = ValidationHelperV1GrpcTransport + _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[ValidationHelperV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): + """BinAuthz Attestor verification""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, ValidationHelperV1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, ValidationHelperV1Transport): + # transport is a ValidationHelperV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def validate_attestation_occurrence(self, + request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + # Minor optimization to avoid making a copy if the user passes + # in a service.ValidateAttestationOccurrenceRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ValidateAttestationOccurrenceRequest): + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py new file mode 100644 index 0000000..09986f1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import ValidationHelperV1Transport +from .grpc import ValidationHelperV1GrpcTransport +from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] +_transport_registry['grpc'] = ValidationHelperV1GrpcTransport +_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport + +__all__ = ( + 'ValidationHelperV1Transport', + 'ValidationHelperV1GrpcTransport', + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py new file mode 100644 index 0000000..900d488 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py @@ -0,0 +1,154 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class ValidationHelperV1Transport(abc.ABC): + """Abstract transport class for ValidationHelperV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.validate_attestation_occurrence: gapic_v1.method.wrap_method( + self.validate_attestation_occurrence, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Union[ + service.ValidateAttestationOccurrenceResponse, + Awaitable[service.ValidateAttestationOccurrenceResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'ValidationHelperV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py new file mode 100644 index 0000000..38bdba5 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + + +class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): + """gRPC backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + service.ValidateAttestationOccurrenceResponse]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + ~.ValidateAttestationOccurrenceResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'ValidationHelperV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..468b3f2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .grpc import ValidationHelperV1GrpcTransport + + +class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): + """gRPC AsyncIO backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Awaitable[service.ValidateAttestationOccurrenceResponse]]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + Awaitable[~.ValidateAttestationOccurrenceResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py new file mode 100644 index 0000000..cddd9b9 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedGrafeasNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, + ValidateAttestationOccurrenceRequest, + ValidateAttestationOccurrenceResponse, +) + +__all__ = ( + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py new file mode 100644 index 0000000..8c3e400 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py @@ -0,0 +1,463 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedGrafeasNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container + image binary authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: [a-z.-]+, e.g. 'some-namespace' + kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. 'test-ns:default' + istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-istio-service-identity + admission rules. Istio service identity spec + format: + spiffe:///ns//sa/ + or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default + default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule: 'AdmissionRule' = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + wildcard, but this is allowed only in text after the + ``registry/`` part. This also supports a trailing ``**`` + wildcard which matches subdirectories of a given entry. + """ + + name_pattern: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies + either that all container images used in a pod creation request must + be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1.Attestor], that all + pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (MutableSequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode: EvaluationMode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by: MutableSequence[str] = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode: EnforcementMode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that + attests to container image artifacts. An existing attestor cannot be + modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): + This specifies how an attestation will be + read, and how it will be used during policy + enforcement. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + user_owned_grafeas_note: 'UserOwnedGrafeasNote' = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedGrafeasNote', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedGrafeasNote(proto.Message): + r"""An [user owned Grafeas + note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] + references a Grafeas Attestation.Authority Note created by the user. + + Attributes: + note_reference (str): + Required. The Grafeas resource name of a + Attestation.Authority Note, created by the user, in the + format: ``projects/*/notes/*``. This field may not be + updated. + + An attestation by this attestor is stored as a Grafeas + Attestation.Authority Occurrence that names a container + image and that links to this Note. Grafeas is an external + dependency. + public_keys (MutableSequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference: str = proto.Field( + proto.STRING, + number=1, + ) + public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email: str = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem: str = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm: SignatureAlgorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that + will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment: str = proto.Field( + proto.STRING, + number=1, + ) + id: str = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key: str = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key: 'PkixPublicKey' = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py new file mode 100644 index 0000000..b05cf8b --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py @@ -0,0 +1,319 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from grafeas.v1 import attestation_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] value. + The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] field + with the resource name in the request URL, in the format + ``projects/*/policy``. + """ + + policy: resources.Policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + attestor_id: str = proto.Field( + proto.STRING, + number=2, + ) + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] to + retrieve, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (MutableSequence[google.cloud.binaryauthorization_v1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] to + delete, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ValidateAttestationOccurrenceRequest(proto.Message): + r"""Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + attestor (str): + Required. The resource name of the + [Attestor][google.cloud.binaryauthorization.v1.Attestor] of + the [occurrence][grafeas.v1.Occurrence], in the format + ``projects/*/attestors/*``. + attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): + Required. An + [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to + be checked that it can be verified by the Attestor. It does + not have to be an existing entity in Container Analysis. It + must otherwise be a valid AttestationOccurrence. + occurrence_note (str): + Required. The resource name of the [Note][grafeas.v1.Note] + to which the containing [Occurrence][grafeas.v1.Occurrence] + is associated. + occurrence_resource_uri (str): + Required. The URI of the artifact (e.g. container image) + that is the subject of the containing + [Occurrence][grafeas.v1.Occurrence]. + """ + + attestor: str = proto.Field( + proto.STRING, + number=1, + ) + attestation: attestation_pb2.AttestationOccurrence = proto.Field( + proto.MESSAGE, + number=2, + message=attestation_pb2.AttestationOccurrence, + ) + occurrence_note: str = proto.Field( + proto.STRING, + number=3, + ) + occurrence_resource_uri: str = proto.Field( + proto.STRING, + number=4, + ) + + +class ValidateAttestationOccurrenceResponse(proto.Message): + r"""Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): + The result of the Attestation validation. + denial_reason (str): + The reason for denial if the Attestation + couldn't be validated. + """ + class Result(proto.Enum): + r"""The enum returned in the "result" field.""" + RESULT_UNSPECIFIED = 0 + VERIFIED = 1 + ATTESTATION_NOT_VERIFIABLE = 2 + + result: Result = proto.Field( + proto.ENUM, + number=1, + enum=Result, + ) + denial_reason: str = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py new file mode 100644 index 0000000..9dee1a0 --- /dev/null +++ b/owl-bot-staging/v1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py new file mode 100644 index 0000000..42f52bc --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py new file mode 100644 index 0000000..e51ea8d --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py new file mode 100644 index 0000000..42c7afa --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py new file mode 100644 index 0000000..e435188 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py new file mode 100644 index 0000000..61dbe83 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py new file mode 100644 index 0000000..7272538 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py new file mode 100644 index 0000000..287a39f --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py new file mode 100644 index 0000000..108d76c --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py new file mode 100644 index 0000000..2670d1a --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py new file mode 100644 index 0000000..d7eecc9 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py new file mode 100644 index 0000000..8f0bd69 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py new file mode 100644 index 0000000..38073e4 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py new file mode 100644 index 0000000..12fc571 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py new file mode 100644 index 0000000..d1ce288 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py new file mode 100644 index 0000000..3458ff1 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py new file mode 100644 index 0000000..9d84367 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py new file mode 100644 index 0000000..248502b --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py new file mode 100644 index 0000000..44cb427 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json new file mode 100644 index 0000000..6d29a4e --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json @@ -0,0 +1,1466 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", + "shortName": "SystemPolicyV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", + "shortName": "SystemPolicyV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", + "shortName": "ValidationHelperV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", + "shortName": "ValidationHelperV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py new file mode 100644 index 0000000..62deb91 --- /dev/null +++ b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py @@ -0,0 +1,184 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt new file mode 100644 index 0000000..aca9f2d --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py new file mode 100644 index 0000000..d628bd1 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1GrpcTransport, + ) + +def test_binauthz_management_service_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py new file mode 100644 index 0000000..39f62c7 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1GrpcTransport, "grpc"), + (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_client_get_transport_class(): + transport = SystemPolicyV1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Client, SystemPolicyV1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1GrpcTransport, + ) + +def test_system_policy_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_no_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_with_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py new file mode 100644 index 0000000..837321c --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py @@ -0,0 +1,1293 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from grafeas.v1 import attestation_pb2 # type: ignore +from grafeas.v1 import common_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.ValidationHelperV1GrpcTransport, "grpc"), + (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_validation_helper_v1_client_get_transport_class(): + transport = ValidationHelperV1Client.get_transport_class() + available_transports = [ + transports.ValidationHelperV1GrpcTransport, + ] + assert transport in available_transports + + transport = ValidationHelperV1Client.get_transport_class("grpc") + assert transport == transports.ValidationHelperV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + ValidationHelperV1Client, ValidationHelperV1AsyncClient +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_validation_helper_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = ValidationHelperV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ValidateAttestationOccurrenceRequest, + dict, +]) +def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + ) + response = client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +def test_validate_attestation_occurrence_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + client.validate_attestation_occurrence() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + )) + response = await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async_from_dict(): + await test_validate_attestation_occurrence_async(request_type=dict) + + +def test_validate_attestation_occurrence_field_headers(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = service.ValidateAttestationOccurrenceResponse() + client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_field_headers_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) + await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = ValidationHelperV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = ValidationHelperV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.ValidationHelperV1GrpcTransport, + ) + +def test_validation_helper_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_validation_helper_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'validate_attestation_occurrence', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_validation_helper_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_validation_helper_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport() + adc.assert_called_once() + + +def test_validation_helper_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + ValidationHelperV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.ValidationHelperV1GrpcTransport, grpc_helpers), + (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_no_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_with_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_validation_helper_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_validation_helper_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_common_billing_account_path(): + billing_account = "squid" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = ValidationHelperV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "clam", + } + path = ValidationHelperV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "whelk" + expected = "folders/{folder}".format(folder=folder, ) + actual = ValidationHelperV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "octopus", + } + path = ValidationHelperV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "oyster" + expected = "organizations/{organization}".format(organization=organization, ) + actual = ValidationHelperV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "nudibranch", + } + path = ValidationHelperV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "cuttlefish" + expected = "projects/{project}".format(project=project, ) + actual = ValidationHelperV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "mussel", + } + path = ValidationHelperV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "winkle" + location = "nautilus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = ValidationHelperV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "scallop", + "location": "abalone", + } + path = ValidationHelperV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + transport_class = ValidationHelperV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1beta1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1beta1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in new file mode 100644 index 0000000..dcb06b9 --- /dev/null +++ b/owl-bot-staging/v1beta1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1beta1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst new file mode 100644 index 0000000..22016d0 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1Beta1 +-------------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst new file mode 100644 index 0000000..0d0e455 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst @@ -0,0 +1,7 @@ +Services for Google Cloud Binaryauthorization v1beta1 API +========================================================= +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1_beta1 + system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst new file mode 100644 index 0000000..70a68bc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1Beta1 +------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst new file mode 100644 index 0000000..aa0d435 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst @@ -0,0 +1,7 @@ +Types for Google Cloud Binaryauthorization v1beta1 API +====================================================== + +.. automodule:: google.cloud.binaryauthorization_v1beta1.types + :members: + :undoc-members: + :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst new file mode 100644 index 0000000..787a5eb --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1beta1/services + binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..ad30948 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient + +from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor +from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import Policy +from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote +from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest + +__all__ = ('BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..39fdf61 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,66 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient + +from .types.continuous_validation_logging import ContinuousValidationEvent +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedDrydockNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest + +__all__ = ( + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Beta1Client', +'ContinuousValidationEvent', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Beta1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedDrydockNote', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json new file mode 100644 index 0000000..65f5f50 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json @@ -0,0 +1,117 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1beta1", + "protoPackage": "google.cloud.binaryauthorization.v1beta1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Beta1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Beta1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1Beta1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py new file mode 100644 index 0000000..c00aba6 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Beta1Client +from .async_client import BinauthzManagementServiceV1Beta1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py new file mode 100644 index 0000000..b00a268 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py @@ -0,0 +1,1063 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Beta1Client + + +class BinauthzManagementServiceV1Beta1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + _client: BinauthzManagementServiceV1Beta1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py new file mode 100644 index 0000000..43d098d --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -0,0 +1,1231 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1Beta1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[BinauthzManagementServiceV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, BinauthzManagementServiceV1Beta1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): + # transport is a BinauthzManagementServiceV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py new file mode 100644 index 0000000..3d12ffa --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..207eade --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Beta1Transport +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', + 'BinauthzManagementServiceV1Beta1GrpcTransport', + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py new file mode 100644 index 0000000..f623a9e --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Beta1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..1ecdd2f --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py @@ -0,0 +1,469 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..05bf0a4 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,468 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport + + +class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py new file mode 100644 index 0000000..3fc064c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Beta1Client +from .async_client import SystemPolicyV1Beta1AsyncClient + +__all__ = ( + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py new file mode 100644 index 0000000..5f60e3c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py @@ -0,0 +1,309 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport +from .client import SystemPolicyV1Beta1Client + + +class SystemPolicyV1Beta1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Beta1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py new file mode 100644 index 0000000..73d2151 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -0,0 +1,510 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1Beta1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +class SystemPolicyV1Beta1ClientMeta(type): + """Metaclass for the SystemPolicyV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] + _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SystemPolicyV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SystemPolicyV1Beta1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Beta1Transport): + # transport is a SystemPolicyV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..2afe7f8 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Beta1Transport +from .grpc import SystemPolicyV1Beta1GrpcTransport +from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] +_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Beta1Transport', + 'SystemPolicyV1Beta1GrpcTransport', + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py new file mode 100644 index 0000000..7332bfe --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Beta1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..bbe28c5 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): + """gRPC backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..21bdee3 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1Beta1GrpcTransport + + +class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py new file mode 100644 index 0000000..289c81c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .continuous_validation_logging import ( + ContinuousValidationEvent, +) +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedDrydockNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, +) + +__all__ = ( + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py new file mode 100644 index 0000000..85c30dd --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -0,0 +1,163 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'ContinuousValidationEvent', + }, +) + + +class ContinuousValidationEvent(proto.Message): + r"""Represents an auditing event from Continuous Validation. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): + Pod event. + + This field is a member of `oneof`_ ``event_type``. + unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): + Unsupported policy event. + + This field is a member of `oneof`_ ``event_type``. + """ + + class ContinuousValidationPodEvent(proto.Message): + r"""An auditing event for one Pod. + + Attributes: + pod_namespace (str): + The k8s namespace of the Pod. + pod (str): + The name of the Pod. + deploy_time (google.protobuf.timestamp_pb2.Timestamp): + Deploy time of the Pod from k8s. + end_time (google.protobuf.timestamp_pb2.Timestamp): + Termination time of the Pod from k8s, or + nothing if still running. + verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): + Auditing verdict for this Pod. + images (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): + List of images with auditing details. + """ + class PolicyConformanceVerdict(proto.Enum): + r"""Audit time policy conformance verdict.""" + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 + VIOLATES_POLICY = 1 + + class ImageDetails(proto.Message): + r"""Container image with auditing details. + + Attributes: + image (str): + The name of the image. + result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): + The result of the audit for this image. + description (str): + Description of the above result. + """ + class AuditResult(proto.Enum): + r"""Result of the audit.""" + AUDIT_RESULT_UNSPECIFIED = 0 + ALLOW = 1 + DENY = 2 + + image: str = proto.Field( + proto.STRING, + number=1, + ) + result: 'ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult' = proto.Field( + proto.ENUM, + number=2, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', + ) + description: str = proto.Field( + proto.STRING, + number=3, + ) + + pod_namespace: str = proto.Field( + proto.STRING, + number=7, + ) + pod: str = proto.Field( + proto.STRING, + number=1, + ) + deploy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + end_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + verdict: 'ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict' = proto.Field( + proto.ENUM, + number=4, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', + ) + images: MutableSequence['ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails'] = proto.RepeatedField( + proto.MESSAGE, + number=5, + message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', + ) + + class UnsupportedPolicyEvent(proto.Message): + r"""An event describing that the project policy is unsupported by + CV. + + Attributes: + description (str): + A description of the unsupported policy. + """ + + description: str = proto.Field( + proto.STRING, + number=1, + ) + + pod_event: ContinuousValidationPodEvent = proto.Field( + proto.MESSAGE, + number=1, + oneof='event_type', + message=ContinuousValidationPodEvent, + ) + unsupported_policy_event: UnsupportedPolicyEvent = proto.Field( + proto.MESSAGE, + number=2, + oneof='event_type', + message=UnsupportedPolicyEvent, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py new file mode 100644 index 0000000..8884bab --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -0,0 +1,463 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedDrydockNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + Binary Authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` + kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. ``test-ns:default`` + istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-istio-service-identity admission rules. Istio + service identity spec format: + ``spiffe:///ns//sa/`` or + ``/ns//sa/`` e.g. + ``spiffe://example.com/ns/test-ns/sa/default`` + default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule: 'AdmissionRule' = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + as a wildcard, but this is allowed only in text after the + ``registry/`` part. ``*`` wildcard does not match ``/``, + i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but + it does not match ``gcr.io/nginx/image``. This also supports + a trailing ``**`` wildcard which matches subdirectories, + i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. + """ + + name_pattern: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] + specifies either that all container images used in a pod creation + request must be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that + all pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (MutableSequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode: EvaluationMode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by: MutableSequence[str] = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode: EnforcementMode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + that attests to container image artifacts. An existing attestor + cannot be modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): + A Drydock ATTESTATION_AUTHORITY Note, created by the user. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + user_owned_drydock_note: 'UserOwnedDrydockNote' = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedDrydockNote', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedDrydockNote(proto.Message): + r"""An [user owned drydock + note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] + references a Drydock ATTESTATION_AUTHORITY Note created by the user. + + Attributes: + note_reference (str): + Required. The Drydock resource name of a + ATTESTATION_AUTHORITY Note, created by the user, in the + format: ``projects/*/notes/*`` (or the legacy + ``providers/*/notes/*``). This field may not be updated. + + An attestation by this attestor is stored as a Drydock + ATTESTATION_AUTHORITY Occurrence that names a container + image and that links to this Note. Drydock is an external + dependency. + public_keys (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference: str = proto.Field( + proto.STRING, + number=1, + ) + public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email: str = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem: str = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm: SignatureAlgorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] + that will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment: str = proto.Field( + proto.STRING, + number=1, + ) + id: str = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key: str = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key: 'PkixPublicKey' = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py new file mode 100644 index 0000000..4b8caad --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py @@ -0,0 +1,243 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + """ + + policy: resources.Policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + attestor_id: str = proto.Field( + proto.STRING, + number=2, + ) + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1beta1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py new file mode 100644 index 0000000..b45044d --- /dev/null +++ b/owl-bot-staging/v1beta1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1beta1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py new file mode 100644 index 0000000..793b1ea --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py new file mode 100644 index 0000000..4de96ca --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py new file mode 100644 index 0000000..3aa680b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py new file mode 100644 index 0000000..7a0a694 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py new file mode 100644 index 0000000..d3affd0 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py new file mode 100644 index 0000000..b2fa796 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py new file mode 100644 index 0000000..99deaa5 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py new file mode 100644 index 0000000..ae48362 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py new file mode 100644 index 0000000..9373d89 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py new file mode 100644 index 0000000..24f6afc --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py new file mode 100644 index 0000000..463bb99 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py new file mode 100644 index 0000000..21ce41a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py new file mode 100644 index 0000000..2d3f605 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py new file mode 100644 index 0000000..85ba6b8 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py new file mode 100644 index 0000000..36a01b4 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py new file mode 100644 index 0000000..6b68d3b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json new file mode 100644 index 0000000..c59b49a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json @@ -0,0 +1,1313 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1beta1", + "version": "v1beta1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", + "shortName": "SystemPolicyV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", + "shortName": "SystemPolicyV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py new file mode 100644 index 0000000..e4d7076 --- /dev/null +++ b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py @@ -0,0 +1,183 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1beta1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt new file mode 100644 index 0000000..aca9f2d --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt @@ -0,0 +1,11 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +# This file is intentionally left empty to test the +# latest versions of dependencies. +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py new file mode 100644 index 0000000..e2b10aa --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_beta1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ) + +def test_binauthz_management_service_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py new file mode 100644 index 0000000..b1902f9 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_beta1_client_get_transport_class(): + transport = SystemPolicyV1Beta1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1Beta1GrpcTransport, + ) + +def test_system_policy_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_no_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_with_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) From 86e785151572cc946f6ff89c063180868f0e2809 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Thu, 10 Nov 2022 15:16:59 +0000 Subject: [PATCH 11/18] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20?= =?UTF-8?q?post-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- .../async_client.py | 76 +- .../binauthz_management_service_v1/client.py | 63 +- .../transports/base.py | 2 +- .../transports/grpc.py | 20 +- .../transports/grpc_asyncio.py | 16 +- .../services/system_policy_v1/async_client.py | 24 +- .../services/system_policy_v1/client.py | 23 +- .../system_policy_v1/transports/base.py | 2 +- .../system_policy_v1/transports/grpc.py | 20 +- .../transports/grpc_asyncio.py | 16 +- .../validation_helper_v1/async_client.py | 24 +- .../services/validation_helper_v1/client.py | 23 +- .../validation_helper_v1/transports/base.py | 2 +- .../validation_helper_v1/transports/grpc.py | 20 +- .../transports/grpc_asyncio.py | 16 +- .../binaryauthorization_v1/types/resources.py | 78 +- .../binaryauthorization_v1/types/service.py | 44 +- .../async_client.py | 76 +- .../client.py | 65 +- .../transports/base.py | 2 +- .../transports/grpc.py | 20 +- .../transports/grpc_asyncio.py | 16 +- .../system_policy_v1_beta1/async_client.py | 24 +- .../services/system_policy_v1_beta1/client.py | 23 +- .../system_policy_v1_beta1/transports/base.py | 2 +- .../system_policy_v1_beta1/transports/grpc.py | 20 +- .../transports/grpc_asyncio.py | 16 +- .../types/continuous_validation_logging.py | 30 +- .../types/resources.py | 78 +- .../types/service.py | 32 +- owl-bot-staging/v1/.coveragerc | 17 - owl-bot-staging/v1/.flake8 | 33 - owl-bot-staging/v1/MANIFEST.in | 2 - owl-bot-staging/v1/README.rst | 49 - .../binauthz_management_service_v1.rst | 10 - .../docs/binaryauthorization_v1/services.rst | 8 - .../system_policy_v1.rst | 6 - .../v1/docs/binaryauthorization_v1/types.rst | 7 - .../validation_helper_v1.rst | 6 - owl-bot-staging/v1/docs/conf.py | 376 -- owl-bot-staging/v1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 71 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../cloud/binaryauthorization_v1/__init__.py | 72 - .../gapic_metadata.json | 141 - .../cloud/binaryauthorization_v1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1057 ------ .../binauthz_management_service_v1/client.py | 1225 ------- .../binauthz_management_service_v1/pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 465 --- .../transports/grpc_asyncio.py | 464 --- .../services/system_policy_v1/__init__.py | 22 - .../services/system_policy_v1/async_client.py | 308 -- .../services/system_policy_v1/client.py | 509 --- .../system_policy_v1/transports/__init__.py | 33 - .../system_policy_v1/transports/base.py | 155 - .../system_policy_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../services/validation_helper_v1/__init__.py | 22 - .../validation_helper_v1/async_client.py | 285 -- .../services/validation_helper_v1/client.py | 478 --- .../transports/__init__.py | 33 - .../validation_helper_v1/transports/base.py | 154 - .../validation_helper_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../binaryauthorization_v1/types/__init__.py | 58 - .../binaryauthorization_v1/types/resources.py | 463 --- .../binaryauthorization_v1/types/service.py | 319 -- owl-bot-staging/v1/mypy.ini | 3 - owl-bot-staging/v1/noxfile.py | 179 - ...gement_service_v1_create_attestor_async.py | 58 - ...agement_service_v1_create_attestor_sync.py | 58 - ...gement_service_v1_delete_attestor_async.py | 50 - ...agement_service_v1_delete_attestor_sync.py | 50 - ...anagement_service_v1_get_attestor_async.py | 52 - ...management_service_v1_get_attestor_sync.py | 52 - ..._management_service_v1_get_policy_async.py | 52 - ...z_management_service_v1_get_policy_sync.py | 52 - ...agement_service_v1_list_attestors_async.py | 53 - ...nagement_service_v1_list_attestors_sync.py | 53 - ...gement_service_v1_update_attestor_async.py | 56 - ...agement_service_v1_update_attestor_sync.py | 56 - ...nagement_service_v1_update_policy_async.py | 56 - ...anagement_service_v1_update_policy_sync.py | 56 - ...ystem_policy_v1_get_system_policy_async.py | 52 - ...system_policy_v1_get_system_policy_sync.py | 52 - ...1_validate_attestation_occurrence_async.py | 54 - ...v1_validate_attestation_occurrence_sync.py | 54 - ...a_google.cloud.binaryauthorization.v1.json | 1466 -------- .../fixup_binaryauthorization_v1_keywords.py | 184 - owl-bot-staging/v1/setup.py | 90 - .../v1/testing/constraints-3.10.txt | 6 - .../v1/testing/constraints-3.11.txt | 6 - .../v1/testing/constraints-3.7.txt | 11 - .../v1/testing/constraints-3.8.txt | 6 - .../v1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1/tests/__init__.py | 16 - owl-bot-staging/v1/tests/unit/__init__.py | 16 - .../v1/tests/unit/gapic/__init__.py | 16 - .../gapic/binaryauthorization_v1/__init__.py | 16 - .../test_binauthz_management_service_v1.py | 3039 ----------------- .../test_system_policy_v1.py | 1396 -------- .../test_validation_helper_v1.py | 1293 ------- owl-bot-staging/v1beta1/.coveragerc | 17 - owl-bot-staging/v1beta1/.flake8 | 33 - owl-bot-staging/v1beta1/MANIFEST.in | 2 - owl-bot-staging/v1beta1/README.rst | 49 - .../binauthz_management_service_v1_beta1.rst | 10 - .../binaryauthorization_v1beta1/services.rst | 7 - .../system_policy_v1_beta1.rst | 6 - .../binaryauthorization_v1beta1/types.rst | 7 - owl-bot-staging/v1beta1/docs/conf.py | 376 -- owl-bot-staging/v1beta1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 65 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../binaryauthorization_v1beta1/__init__.py | 66 - .../gapic_metadata.json | 117 - .../binaryauthorization_v1beta1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1063 ------ .../client.py | 1231 ------- .../pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 469 --- .../transports/grpc_asyncio.py | 468 --- .../system_policy_v1_beta1/__init__.py | 22 - .../system_policy_v1_beta1/async_client.py | 309 -- .../services/system_policy_v1_beta1/client.py | 510 --- .../transports/__init__.py | 33 - .../system_policy_v1_beta1/transports/base.py | 155 - .../system_policy_v1_beta1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../types/__init__.py | 58 - .../types/continuous_validation_logging.py | 163 - .../types/resources.py | 463 --- .../types/service.py | 243 -- owl-bot-staging/v1beta1/mypy.ini | 3 - owl-bot-staging/v1beta1/noxfile.py | 179 - ..._service_v1_beta1_create_attestor_async.py | 58 - ...t_service_v1_beta1_create_attestor_sync.py | 58 - ..._service_v1_beta1_delete_attestor_async.py | 50 - ...t_service_v1_beta1_delete_attestor_sync.py | 50 - ...ent_service_v1_beta1_get_attestor_async.py | 52 - ...ment_service_v1_beta1_get_attestor_sync.py | 52 - ...ement_service_v1_beta1_get_policy_async.py | 52 - ...gement_service_v1_beta1_get_policy_sync.py | 52 - ...t_service_v1_beta1_list_attestors_async.py | 53 - ...nt_service_v1_beta1_list_attestors_sync.py | 53 - ..._service_v1_beta1_update_attestor_async.py | 56 - ...t_service_v1_beta1_update_attestor_sync.py | 56 - ...nt_service_v1_beta1_update_policy_async.py | 56 - ...ent_service_v1_beta1_update_policy_sync.py | 56 - ...policy_v1_beta1_get_system_policy_async.py | 52 - ..._policy_v1_beta1_get_system_policy_sync.py | 52 - ...gle.cloud.binaryauthorization.v1beta1.json | 1313 ------- ...up_binaryauthorization_v1beta1_keywords.py | 183 - owl-bot-staging/v1beta1/setup.py | 90 - .../v1beta1/testing/constraints-3.10.txt | 6 - .../v1beta1/testing/constraints-3.11.txt | 6 - .../v1beta1/testing/constraints-3.7.txt | 11 - .../v1beta1/testing/constraints-3.8.txt | 6 - .../v1beta1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1beta1/tests/__init__.py | 16 - .../v1beta1/tests/unit/__init__.py | 16 - .../v1beta1/tests/unit/gapic/__init__.py | 16 - .../binaryauthorization_v1beta1/__init__.py | 16 - ...st_binauthz_management_service_v1_beta1.py | 3039 ----------------- .../test_system_policy_v1_beta1.py | 1396 -------- 176 files changed, 506 insertions(+), 31663 deletions(-) delete mode 100644 owl-bot-staging/v1/.coveragerc delete mode 100644 owl-bot-staging/v1/.flake8 delete mode 100644 owl-bot-staging/v1/MANIFEST.in delete mode 100644 owl-bot-staging/v1/README.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst delete mode 100644 owl-bot-staging/v1/docs/conf.py delete mode 100644 owl-bot-staging/v1/docs/index.rst delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py delete mode 100644 owl-bot-staging/v1/mypy.ini delete mode 100644 owl-bot-staging/v1/noxfile.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json delete mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py delete mode 100644 owl-bot-staging/v1/setup.py delete mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1/tests/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py delete mode 100644 owl-bot-staging/v1beta1/.coveragerc delete mode 100644 owl-bot-staging/v1beta1/.flake8 delete mode 100644 owl-bot-staging/v1beta1/MANIFEST.in delete mode 100644 owl-bot-staging/v1beta1/README.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst delete mode 100644 owl-bot-staging/v1beta1/docs/conf.py delete mode 100644 owl-bot-staging/v1beta1/docs/index.rst delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py delete mode 100644 owl-bot-staging/v1beta1/mypy.ini delete mode 100644 owl-bot-staging/v1beta1/noxfile.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json delete mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py delete mode 100644 owl-bot-staging/v1beta1/setup.py delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1beta1/tests/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py index ad73716..43fce1c 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py @@ -16,7 +16,17 @@ from collections import OrderedDict import functools import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, +) import pkg_resources from google.api_core.client_options import ClientOptions @@ -182,9 +192,9 @@ def transport(self) -> BinauthzManagementServiceV1Transport: def __init__( self, *, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, + client_options: Optional[ClientOptions] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the binauthz management service v1 client. @@ -228,11 +238,11 @@ def __init__( async def get_policy( self, - request: Union[service.GetPolicyRequest, dict] = None, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies @@ -274,7 +284,7 @@ async def sample_get_policy(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]]): The request object. Request message for [BinauthzManagementService.GetPolicy][]. name (:class:`str`): @@ -351,11 +361,11 @@ async def sample_get_policy(): async def update_policy( self, - request: Union[service.UpdatePolicyRequest, dict] = None, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, *, - policy: resources.Policy = None, + policy: Optional[resources.Policy] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Creates or updates a project's @@ -398,7 +408,7 @@ async def sample_update_policy(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]]): The request object. Request message for [BinauthzManagementService.UpdatePolicy][]. policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): @@ -480,13 +490,13 @@ async def sample_update_policy(): async def create_attestor( self, - request: Union[service.CreateAttestorRequest, dict] = None, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Creates an @@ -531,7 +541,7 @@ async def sample_create_attestor(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.CreateAttestor][]. parent (:class:`str`): @@ -621,11 +631,11 @@ async def sample_create_attestor(): async def get_attestor( self, - request: Union[service.GetAttestorRequest, dict] = None, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Gets an @@ -661,7 +671,7 @@ async def sample_get_attestor(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.GetAttestor][]. name (:class:`str`): @@ -739,11 +749,11 @@ async def sample_get_attestor(): async def update_attestor( self, - request: Union[service.UpdateAttestorRequest, dict] = None, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, *, - attestor: resources.Attestor = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Updates an @@ -783,7 +793,7 @@ async def sample_update_attestor(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.UpdateAttestor][]. attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): @@ -866,11 +876,11 @@ async def sample_update_attestor(): async def list_attestors( self, - request: Union[service.ListAttestorsRequest, dict] = None, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, *, - parent: str = None, + parent: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> pagers.ListAttestorsAsyncPager: r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. @@ -904,7 +914,7 @@ async def sample_list_attestors(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]]): The request object. Request message for [BinauthzManagementService.ListAttestors][]. parent (:class:`str`): @@ -994,11 +1004,11 @@ async def sample_list_attestors(): async def delete_attestor( self, - request: Union[service.DeleteAttestorRequest, dict] = None, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> None: r"""Deletes an @@ -1031,7 +1041,7 @@ async def sample_delete_attestor(): await client.delete_attestor(request=request) Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.DeleteAttestor][]. name (:class:`str`): diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py index 364c93e..689c3b8 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -16,7 +16,18 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, + cast, +) import pkg_resources from google.api_core import client_options as client_options_lib @@ -63,7 +74,7 @@ class BinauthzManagementServiceV1ClientMeta(type): def get_transport_class( cls, - label: str = None, + label: Optional[str] = None, ) -> Type[BinauthzManagementServiceV1Transport]: """Returns an appropriate transport class. @@ -357,7 +368,7 @@ def __init__( self, *, credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Transport, None] = None, + transport: Optional[Union[str, BinauthzManagementServiceV1Transport]] = None, client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: @@ -455,11 +466,11 @@ def __init__( def get_policy( self, - request: Union[service.GetPolicyRequest, dict] = None, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies @@ -568,11 +579,11 @@ def sample_get_policy(): def update_policy( self, - request: Union[service.UpdatePolicyRequest, dict] = None, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, *, - policy: resources.Policy = None, + policy: Optional[resources.Policy] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Creates or updates a project's @@ -687,13 +698,13 @@ def sample_update_policy(): def create_attestor( self, - request: Union[service.CreateAttestorRequest, dict] = None, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Creates an @@ -828,11 +839,11 @@ def sample_create_attestor(): def get_attestor( self, - request: Union[service.GetAttestorRequest, dict] = None, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Gets an @@ -936,11 +947,11 @@ def sample_get_attestor(): def update_attestor( self, - request: Union[service.UpdateAttestorRequest, dict] = None, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, *, - attestor: resources.Attestor = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Updates an @@ -1053,11 +1064,11 @@ def sample_update_attestor(): def list_attestors( self, - request: Union[service.ListAttestorsRequest, dict] = None, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, *, - parent: str = None, + parent: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> pagers.ListAttestorsPager: r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. @@ -1171,11 +1182,11 @@ def sample_list_attestors(): def delete_attestor( self, - request: Union[service.DeleteAttestorRequest, dict] = None, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> None: r"""Deletes an diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py index f17da23..a2bc518 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py @@ -50,7 +50,7 @@ def __init__( self, *, host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py index 744a941..5518ec2 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py @@ -55,14 +55,14 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, @@ -189,8 +189,8 @@ def __init__( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, **kwargs, diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py index 5f53f03..d889b73 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py @@ -59,7 +59,7 @@ class BinauthzManagementServiceV1GrpcAsyncIOTransport( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, @@ -102,15 +102,15 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, api_audience: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py index eb00372..9031285 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py @@ -16,7 +16,17 @@ from collections import OrderedDict import functools import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, +) import pkg_resources from google.api_core.client_options import ClientOptions @@ -159,9 +169,9 @@ def transport(self) -> SystemPolicyV1Transport: def __init__( self, *, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, + client_options: Optional[ClientOptions] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the system policy v1 client. @@ -205,11 +215,11 @@ def __init__( async def get_system_policy( self, - request: Union[service.GetSystemPolicyRequest, dict] = None, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Gets the current system policy in the specified @@ -242,7 +252,7 @@ async def sample_get_system_policy(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]]): The request object. Request to read the current system policy. name (:class:`str`): diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py index b5b1d46..7d34526 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -16,7 +16,18 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, + cast, +) import pkg_resources from google.api_core import client_options as client_options_lib @@ -58,7 +69,7 @@ class SystemPolicyV1ClientMeta(type): def get_transport_class( cls, - label: str = None, + label: Optional[str] = None, ) -> Type[SystemPolicyV1Transport]: """Returns an appropriate transport class. @@ -326,7 +337,7 @@ def __init__( self, *, credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Transport, None] = None, + transport: Optional[Union[str, SystemPolicyV1Transport]] = None, client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: @@ -424,11 +435,11 @@ def __init__( def get_system_policy( self, - request: Union[service.GetSystemPolicyRequest, dict] = None, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Gets the current system policy in the specified diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py index 1bd6378..f057356 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py @@ -49,7 +49,7 @@ def __init__( self, *, host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py index 83441d4..6eaf4a7 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py @@ -48,14 +48,14 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, @@ -182,8 +182,8 @@ def __init__( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, **kwargs, diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py index 3c3231f..cfeaa7c 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py @@ -50,7 +50,7 @@ class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, @@ -93,15 +93,15 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, api_audience: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py index 911fe13..5ebbcd2 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py @@ -16,7 +16,17 @@ from collections import OrderedDict import functools import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, +) import pkg_resources from google.api_core.client_options import ClientOptions @@ -156,9 +166,9 @@ def transport(self) -> ValidationHelperV1Transport: def __init__( self, *, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, + client_options: Optional[ClientOptions] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the validation helper v1 client. @@ -202,10 +212,12 @@ def __init__( async def validate_attestation_occurrence( self, - request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, + request: Optional[ + Union[service.ValidateAttestationOccurrenceRequest, dict] + ] = None, *, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> service.ValidateAttestationOccurrenceResponse: r"""Returns whether the given Attestation for the given @@ -240,7 +252,7 @@ async def sample_validate_attestation_occurrence(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]]): The request object. Request message for [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. retry (google.api_core.retry.Retry): Designation of what errors, if any, diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py index b7d609d..6c7742d 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -16,7 +16,18 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, + cast, +) import pkg_resources from google.api_core import client_options as client_options_lib @@ -56,7 +67,7 @@ class ValidationHelperV1ClientMeta(type): def get_transport_class( cls, - label: str = None, + label: Optional[str] = None, ) -> Type[ValidationHelperV1Transport]: """Returns an appropriate transport class. @@ -309,7 +320,7 @@ def __init__( self, *, credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, ValidationHelperV1Transport, None] = None, + transport: Optional[Union[str, ValidationHelperV1Transport]] = None, client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: @@ -407,10 +418,12 @@ def __init__( def validate_attestation_occurrence( self, - request: Union[service.ValidateAttestationOccurrenceRequest, dict] = None, + request: Optional[ + Union[service.ValidateAttestationOccurrenceRequest, dict] + ] = None, *, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> service.ValidateAttestationOccurrenceResponse: r"""Returns whether the given Attestation for the given diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py index 1bb8bb9..277a5c6 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py @@ -48,7 +48,7 @@ def __init__( self, *, host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py index 2ef2d11..d828bbd 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py @@ -47,14 +47,14 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, @@ -181,8 +181,8 @@ def __init__( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, **kwargs, diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py index 92ac31f..629bcf2 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py @@ -49,7 +49,7 @@ class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, @@ -92,15 +92,15 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, api_audience: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1/types/resources.py b/google/cloud/binaryauthorization_v1/types/resources.py index 9bbfb50..2a84fbe 100644 --- a/google/cloud/binaryauthorization_v1/types/resources.py +++ b/google/cloud/binaryauthorization_v1/types/resources.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from typing import MutableMapping, MutableSequence + import proto # type: ignore from google.protobuf import timestamp_pb2 # type: ignore @@ -51,27 +53,27 @@ class Policy(proto.Message): project admission policy. This setting has no effect when specified inside a global admission policy. - admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): + admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies. - cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): Optional. Per-cluster admission rules. Cluster spec format: ``location.clusterId``. There can be at most one admission rule per cluster spec. A ``location`` is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For ``clusterId`` syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace' - kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): Optional. Per-kubernetes-service-account admission rules. Service account spec format: ``namespace:serviceaccount``. e.g. 'test-ns:default' - istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): Optional. Per-istio-service-identity admission rules. Istio service identity spec format: @@ -94,54 +96,62 @@ class GlobalPolicyEvaluationMode(proto.Enum): ENABLE = 1 DISABLE = 2 - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) - description = proto.Field( + description: str = proto.Field( proto.STRING, number=6, ) - global_policy_evaluation_mode = proto.Field( + global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( proto.ENUM, number=7, enum=GlobalPolicyEvaluationMode, ) - admission_whitelist_patterns = proto.RepeatedField( + admission_whitelist_patterns: MutableSequence[ + "AdmissionWhitelistPattern" + ] = proto.RepeatedField( proto.MESSAGE, number=2, message="AdmissionWhitelistPattern", ) - cluster_admission_rules = proto.MapField( + cluster_admission_rules: MutableMapping[str, "AdmissionRule"] = proto.MapField( proto.STRING, proto.MESSAGE, number=3, message="AdmissionRule", ) - kubernetes_namespace_admission_rules = proto.MapField( + kubernetes_namespace_admission_rules: MutableMapping[ + str, "AdmissionRule" + ] = proto.MapField( proto.STRING, proto.MESSAGE, number=10, message="AdmissionRule", ) - kubernetes_service_account_admission_rules = proto.MapField( + kubernetes_service_account_admission_rules: MutableMapping[ + str, "AdmissionRule" + ] = proto.MapField( proto.STRING, proto.MESSAGE, number=8, message="AdmissionRule", ) - istio_service_identity_admission_rules = proto.MapField( + istio_service_identity_admission_rules: MutableMapping[ + str, "AdmissionRule" + ] = proto.MapField( proto.STRING, proto.MESSAGE, number=9, message="AdmissionRule", ) - default_admission_rule = proto.Field( + default_admission_rule: "AdmissionRule" = proto.Field( proto.MESSAGE, number=4, message="AdmissionRule", ) - update_time = proto.Field( + update_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=5, message=timestamp_pb2.Timestamp, @@ -163,7 +173,7 @@ class AdmissionWhitelistPattern(proto.Message): wildcard which matches subdirectories of a given entry. """ - name_pattern = proto.Field( + name_pattern: str = proto.Field( proto.STRING, number=1, ) @@ -187,7 +197,7 @@ class AdmissionRule(proto.Message): evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): Required. How this admission rule will be evaluated. - require_attestations_by (Sequence[str]): + require_attestations_by (MutableSequence[str]): Optional. The resource names of the attestors that must attest to a container image, in the format ``projects/*/attestors/*``. Each attestor must exist before @@ -218,16 +228,16 @@ class EnforcementMode(proto.Enum): ENFORCED_BLOCK_AND_AUDIT_LOG = 1 DRYRUN_AUDIT_LOG_ONLY = 2 - evaluation_mode = proto.Field( + evaluation_mode: EvaluationMode = proto.Field( proto.ENUM, number=1, enum=EvaluationMode, ) - require_attestations_by = proto.RepeatedField( + require_attestations_by: MutableSequence[str] = proto.RepeatedField( proto.STRING, number=2, ) - enforcement_mode = proto.Field( + enforcement_mode: EnforcementMode = proto.Field( proto.ENUM, number=3, enum=EnforcementMode, @@ -261,21 +271,21 @@ class Attestor(proto.Message): updated. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) - description = proto.Field( + description: str = proto.Field( proto.STRING, number=6, ) - user_owned_grafeas_note = proto.Field( + user_owned_grafeas_note: "UserOwnedGrafeasNote" = proto.Field( proto.MESSAGE, number=3, oneof="attestor_type", message="UserOwnedGrafeasNote", ) - update_time = proto.Field( + update_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=4, message=timestamp_pb2.Timestamp, @@ -298,7 +308,7 @@ class UserOwnedGrafeasNote(proto.Message): Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency. - public_keys (Sequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): + public_keys (MutableSequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): Optional. Public keys that verify attestations signed by this attestor. This field may be updated. @@ -323,16 +333,16 @@ class UserOwnedGrafeasNote(proto.Message): email based on a different naming pattern. """ - note_reference = proto.Field( + note_reference: str = proto.Field( proto.STRING, number=1, ) - public_keys = proto.RepeatedField( + public_keys: MutableSequence["AttestorPublicKey"] = proto.RepeatedField( proto.MESSAGE, number=2, message="AttestorPublicKey", ) - delegation_service_account_email = proto.Field( + delegation_service_account_email: str = proto.Field( proto.STRING, number=3, ) @@ -382,11 +392,11 @@ class SignatureAlgorithm(proto.Enum): ECDSA_P521_SHA512 = 11 EC_SIGN_P521_SHA512 = 11 - public_key_pem = proto.Field( + public_key_pem: str = proto.Field( proto.STRING, number=1, ) - signature_algorithm = proto.Field( + signature_algorithm: SignatureAlgorithm = proto.Field( proto.ENUM, number=2, enum=SignatureAlgorithm, @@ -440,20 +450,20 @@ class AttestorPublicKey(proto.Message): This field is a member of `oneof`_ ``public_key``. """ - comment = proto.Field( + comment: str = proto.Field( proto.STRING, number=1, ) - id = proto.Field( + id: str = proto.Field( proto.STRING, number=2, ) - ascii_armored_pgp_public_key = proto.Field( + ascii_armored_pgp_public_key: str = proto.Field( proto.STRING, number=3, oneof="public_key", ) - pkix_public_key = proto.Field( + pkix_public_key: "PkixPublicKey" = proto.Field( proto.MESSAGE, number=5, oneof="public_key", diff --git a/google/cloud/binaryauthorization_v1/types/service.py b/google/cloud/binaryauthorization_v1/types/service.py index eaf253c..5449034 100644 --- a/google/cloud/binaryauthorization_v1/types/service.py +++ b/google/cloud/binaryauthorization_v1/types/service.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from typing import MutableMapping, MutableSequence + import proto # type: ignore from google.cloud.binaryauthorization_v1.types import resources @@ -47,7 +49,7 @@ class GetPolicyRequest(proto.Message): retrieve, in the format ``projects/*/policy``. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -66,7 +68,7 @@ class UpdatePolicyRequest(proto.Message): ``projects/*/policy``. """ - policy = proto.Field( + policy: resources.Policy = proto.Field( proto.MESSAGE, number=1, message=resources.Policy, @@ -93,15 +95,15 @@ class CreateAttestorRequest(proto.Message): ``projects/*/attestors/*``. """ - parent = proto.Field( + parent: str = proto.Field( proto.STRING, number=1, ) - attestor_id = proto.Field( + attestor_id: str = proto.Field( proto.STRING, number=2, ) - attestor = proto.Field( + attestor: resources.Attestor = proto.Field( proto.MESSAGE, number=3, message=resources.Attestor, @@ -118,7 +120,7 @@ class GetAttestorRequest(proto.Message): retrieve, in the format ``projects/*/attestors/*``. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -137,7 +139,7 @@ class UpdateAttestorRequest(proto.Message): format ``projects/*/attestors/*``. """ - attestor = proto.Field( + attestor: resources.Attestor = proto.Field( proto.MESSAGE, number=1, message=resources.Attestor, @@ -165,15 +167,15 @@ class ListAttestorsRequest(proto.Message): method. """ - parent = proto.Field( + parent: str = proto.Field( proto.STRING, number=1, ) - page_size = proto.Field( + page_size: int = proto.Field( proto.INT32, number=2, ) - page_token = proto.Field( + page_token: str = proto.Field( proto.STRING, number=3, ) @@ -183,7 +185,7 @@ class ListAttestorsResponse(proto.Message): r"""Response message for [BinauthzManagementService.ListAttestors][]. Attributes: - attestors (Sequence[google.cloud.binaryauthorization_v1.types.Attestor]): + attestors (MutableSequence[google.cloud.binaryauthorization_v1.types.Attestor]): The list of [attestors][google.cloud.binaryauthorization.v1.Attestor]. next_page_token (str): @@ -198,12 +200,12 @@ class ListAttestorsResponse(proto.Message): def raw_page(self): return self - attestors = proto.RepeatedField( + attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( proto.MESSAGE, number=1, message=resources.Attestor, ) - next_page_token = proto.Field( + next_page_token: str = proto.Field( proto.STRING, number=2, ) @@ -219,7 +221,7 @@ class DeleteAttestorRequest(proto.Message): delete, in the format ``projects/*/attestors/*``. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -235,7 +237,7 @@ class GetSystemPolicyRequest(proto.Message): associated with a project. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -267,20 +269,20 @@ class ValidateAttestationOccurrenceRequest(proto.Message): [Occurrence][grafeas.v1.Occurrence]. """ - attestor = proto.Field( + attestor: str = proto.Field( proto.STRING, number=1, ) - attestation = proto.Field( + attestation: attestation_pb2.AttestationOccurrence = proto.Field( proto.MESSAGE, number=2, message=attestation.AttestationOccurrence, ) - occurrence_note = proto.Field( + occurrence_note: str = proto.Field( proto.STRING, number=3, ) - occurrence_resource_uri = proto.Field( + occurrence_resource_uri: str = proto.Field( proto.STRING, number=4, ) @@ -304,12 +306,12 @@ class Result(proto.Enum): VERIFIED = 1 ATTESTATION_NOT_VERIFIABLE = 2 - result = proto.Field( + result: Result = proto.Field( proto.ENUM, number=1, enum=Result, ) - denial_reason = proto.Field( + denial_reason: str = proto.Field( proto.STRING, number=2, ) diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py index 2c591a7..470d14b 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py @@ -16,7 +16,17 @@ from collections import OrderedDict import functools import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, +) import pkg_resources from google.api_core.client_options import ClientOptions @@ -187,11 +197,11 @@ def transport(self) -> BinauthzManagementServiceV1Beta1Transport: def __init__( self, *, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, transport: Union[ str, BinauthzManagementServiceV1Beta1Transport ] = "grpc_asyncio", - client_options: ClientOptions = None, + client_options: Optional[ClientOptions] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the binauthz management service v1 beta1 client. @@ -235,11 +245,11 @@ def __init__( async def get_policy( self, - request: Union[service.GetPolicyRequest, dict] = None, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] @@ -283,7 +293,7 @@ async def sample_get_policy(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]]): The request object. Request message for [BinauthzManagementService.GetPolicy][]. name (:class:`str`): @@ -361,11 +371,11 @@ async def sample_get_policy(): async def update_policy( self, - request: Union[service.UpdatePolicyRequest, dict] = None, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, *, - policy: resources.Policy = None, + policy: Optional[resources.Policy] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Creates or updates a project's @@ -408,7 +418,7 @@ async def sample_update_policy(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]]): The request object. Request message for [BinauthzManagementService.UpdatePolicy][]. policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): @@ -491,13 +501,13 @@ async def sample_update_policy(): async def create_attestor( self, - request: Union[service.CreateAttestorRequest, dict] = None, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Creates an @@ -543,7 +553,7 @@ async def sample_create_attestor(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.CreateAttestor][]. parent (:class:`str`): @@ -633,11 +643,11 @@ async def sample_create_attestor(): async def get_attestor( self, - request: Union[service.GetAttestorRequest, dict] = None, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Gets an @@ -673,7 +683,7 @@ async def sample_get_attestor(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.GetAttestor][]. name (:class:`str`): @@ -751,11 +761,11 @@ async def sample_get_attestor(): async def update_attestor( self, - request: Union[service.UpdateAttestorRequest, dict] = None, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, *, - attestor: resources.Attestor = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Updates an @@ -795,7 +805,7 @@ async def sample_update_attestor(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.UpdateAttestor][]. attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): @@ -878,11 +888,11 @@ async def sample_update_attestor(): async def list_attestors( self, - request: Union[service.ListAttestorsRequest, dict] = None, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, *, - parent: str = None, + parent: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> pagers.ListAttestorsAsyncPager: r"""Lists @@ -917,7 +927,7 @@ async def sample_list_attestors(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]]): The request object. Request message for [BinauthzManagementService.ListAttestors][]. parent (:class:`str`): @@ -1007,11 +1017,11 @@ async def sample_list_attestors(): async def delete_attestor( self, - request: Union[service.DeleteAttestorRequest, dict] = None, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> None: r"""Deletes an @@ -1044,7 +1054,7 @@ async def sample_delete_attestor(): await client.delete_attestor(request=request) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]]): The request object. Request message for [BinauthzManagementService.DeleteAttestor][]. name (:class:`str`): diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py index 8a7c1c1..1a784a5 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -16,7 +16,18 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, + cast, +) import pkg_resources from google.api_core import client_options as client_options_lib @@ -68,7 +79,7 @@ class BinauthzManagementServiceV1Beta1ClientMeta(type): def get_transport_class( cls, - label: str = None, + label: Optional[str] = None, ) -> Type[BinauthzManagementServiceV1Beta1Transport]: """Returns an appropriate transport class. @@ -362,7 +373,9 @@ def __init__( self, *, credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport, None] = None, + transport: Optional[ + Union[str, BinauthzManagementServiceV1Beta1Transport] + ] = None, client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: @@ -460,11 +473,11 @@ def __init__( def get_policy( self, - request: Union[service.GetPolicyRequest, dict] = None, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] @@ -576,11 +589,11 @@ def sample_get_policy(): def update_policy( self, - request: Union[service.UpdatePolicyRequest, dict] = None, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, *, - policy: resources.Policy = None, + policy: Optional[resources.Policy] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Creates or updates a project's @@ -696,13 +709,13 @@ def sample_update_policy(): def create_attestor( self, - request: Union[service.CreateAttestorRequest, dict] = None, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, *, - parent: str = None, - attestor_id: str = None, - attestor: resources.Attestor = None, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Creates an @@ -838,11 +851,11 @@ def sample_create_attestor(): def get_attestor( self, - request: Union[service.GetAttestorRequest, dict] = None, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Gets an @@ -946,11 +959,11 @@ def sample_get_attestor(): def update_attestor( self, - request: Union[service.UpdateAttestorRequest, dict] = None, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, *, - attestor: resources.Attestor = None, + attestor: Optional[resources.Attestor] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Attestor: r"""Updates an @@ -1063,11 +1076,11 @@ def sample_update_attestor(): def list_attestors( self, - request: Union[service.ListAttestorsRequest, dict] = None, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, *, - parent: str = None, + parent: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> pagers.ListAttestorsPager: r"""Lists @@ -1182,11 +1195,11 @@ def sample_list_attestors(): def delete_attestor( self, - request: Union[service.DeleteAttestorRequest, dict] = None, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> None: r"""Deletes an diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py index 12e3d05..00a3365 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py @@ -50,7 +50,7 @@ def __init__( self, *, host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py index 392f45e..7d9a61d 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py @@ -57,14 +57,14 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, @@ -191,8 +191,8 @@ def __init__( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, **kwargs, diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py index a0f5a6f..c0dde78 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py @@ -59,7 +59,7 @@ class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, @@ -102,15 +102,15 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, api_audience: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py index f98eb60..0357395 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py @@ -16,7 +16,17 @@ from collections import OrderedDict import functools import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, +) import pkg_resources from google.api_core.client_options import ClientOptions @@ -160,9 +170,9 @@ def transport(self) -> SystemPolicyV1Beta1Transport: def __init__( self, *, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", - client_options: ClientOptions = None, + client_options: Optional[ClientOptions] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: """Instantiates the system policy v1 beta1 client. @@ -206,11 +216,11 @@ def __init__( async def get_system_policy( self, - request: Union[service.GetSystemPolicyRequest, dict] = None, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Gets the current system policy in the specified @@ -243,7 +253,7 @@ async def sample_get_system_policy(): print(response) Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]]): The request object. Request to read the current system policy. name (:class:`str`): diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py index f272fd2..0599c8b 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -16,7 +16,18 @@ from collections import OrderedDict import os import re -from typing import Dict, Mapping, Optional, Sequence, Tuple, Type, Union, cast +from typing import ( + Dict, + Mapping, + MutableMapping, + MutableSequence, + Optional, + Sequence, + Tuple, + Type, + Union, + cast, +) import pkg_resources from google.api_core import client_options as client_options_lib @@ -58,7 +69,7 @@ class SystemPolicyV1Beta1ClientMeta(type): def get_transport_class( cls, - label: str = None, + label: Optional[str] = None, ) -> Type[SystemPolicyV1Beta1Transport]: """Returns an appropriate transport class. @@ -326,7 +337,7 @@ def __init__( self, *, credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Beta1Transport, None] = None, + transport: Optional[Union[str, SystemPolicyV1Beta1Transport]] = None, client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, ) -> None: @@ -424,11 +435,11 @@ def __init__( def get_system_policy( self, - request: Union[service.GetSystemPolicyRequest, dict] = None, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, *, - name: str = None, + name: Optional[str] = None, retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, + timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = (), ) -> resources.Policy: r"""Gets the current system policy in the specified diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py index 15802ec..494c249 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py @@ -49,7 +49,7 @@ def __init__( self, *, host: str = DEFAULT_HOST, - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py index e56b9d7..7412b39 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py @@ -48,14 +48,14 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, - scopes: Sequence[str] = None, - channel: grpc.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, @@ -182,8 +182,8 @@ def __init__( def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, - credentials_file: str = None, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, **kwargs, diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py index f65c114..4ad40a2 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py @@ -50,7 +50,7 @@ class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): def create_channel( cls, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, quota_project_id: Optional[str] = None, @@ -93,15 +93,15 @@ def __init__( self, *, host: str = "binaryauthorization.googleapis.com", - credentials: ga_credentials.Credentials = None, + credentials: Optional[ga_credentials.Credentials] = None, credentials_file: Optional[str] = None, scopes: Optional[Sequence[str]] = None, - channel: aio.Channel = None, - api_mtls_endpoint: str = None, - client_cert_source: Callable[[], Tuple[bytes, bytes]] = None, - ssl_channel_credentials: grpc.ChannelCredentials = None, - client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None, - quota_project_id=None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, always_use_jwt_access: Optional[bool] = False, api_audience: Optional[str] = None, diff --git a/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py index 9f6ad54..e470ba6 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ b/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from typing import MutableMapping, MutableSequence + import proto # type: ignore from google.protobuf import timestamp_pb2 # type: ignore @@ -62,7 +64,7 @@ class ContinuousValidationPodEvent(proto.Message): nothing if still running. verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): Auditing verdict for this Pod. - images (Sequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): + images (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): List of images with auditing details. """ @@ -89,44 +91,46 @@ class AuditResult(proto.Enum): ALLOW = 1 DENY = 2 - image = proto.Field( + image: str = proto.Field( proto.STRING, number=1, ) - result = proto.Field( + result: "ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult" = proto.Field( proto.ENUM, number=2, enum="ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult", ) - description = proto.Field( + description: str = proto.Field( proto.STRING, number=3, ) - pod_namespace = proto.Field( + pod_namespace: str = proto.Field( proto.STRING, number=7, ) - pod = proto.Field( + pod: str = proto.Field( proto.STRING, number=1, ) - deploy_time = proto.Field( + deploy_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=2, message=timestamp_pb2.Timestamp, ) - end_time = proto.Field( + end_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=3, message=timestamp_pb2.Timestamp, ) - verdict = proto.Field( + verdict: "ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict" = proto.Field( proto.ENUM, number=4, enum="ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict", ) - images = proto.RepeatedField( + images: MutableSequence[ + "ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails" + ] = proto.RepeatedField( proto.MESSAGE, number=5, message="ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails", @@ -141,18 +145,18 @@ class UnsupportedPolicyEvent(proto.Message): A description of the unsupported policy. """ - description = proto.Field( + description: str = proto.Field( proto.STRING, number=1, ) - pod_event = proto.Field( + pod_event: ContinuousValidationPodEvent = proto.Field( proto.MESSAGE, number=1, oneof="event_type", message=ContinuousValidationPodEvent, ) - unsupported_policy_event = proto.Field( + unsupported_policy_event: UnsupportedPolicyEvent = proto.Field( proto.MESSAGE, number=2, oneof="event_type", diff --git a/google/cloud/binaryauthorization_v1beta1/types/resources.py b/google/cloud/binaryauthorization_v1beta1/types/resources.py index 0fd403e..76aeffa 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ b/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from typing import MutableMapping, MutableSequence + import proto # type: ignore from google.protobuf import timestamp_pb2 # type: ignore @@ -51,27 +53,27 @@ class Policy(proto.Message): project admission policy. This setting has no effect when specified inside a global admission policy. - admission_whitelist_patterns (Sequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): + admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): Optional. Admission policy allowlisting. A matching admission request will always be permitted. This feature is typically used to exclude Google or third-party infrastructure images from Binary Authorization policies. - cluster_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): Optional. Per-cluster admission rules. Cluster spec format: ``location.clusterId``. There can be at most one admission rule per cluster spec. A ``location`` is either a compute zone (e.g. us-central1-a) or a region (e.g. us-central1). For ``clusterId`` syntax restrictions see https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` - kubernetes_service_account_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): Optional. Per-kubernetes-service-account admission rules. Service account spec format: ``namespace:serviceaccount``. e.g. ``test-ns:default`` - istio_service_identity_admission_rules (Mapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): Optional. Per-istio-service-identity admission rules. Istio service identity spec format: ``spiffe:///ns//sa/`` or @@ -93,54 +95,62 @@ class GlobalPolicyEvaluationMode(proto.Enum): ENABLE = 1 DISABLE = 2 - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) - description = proto.Field( + description: str = proto.Field( proto.STRING, number=6, ) - global_policy_evaluation_mode = proto.Field( + global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( proto.ENUM, number=7, enum=GlobalPolicyEvaluationMode, ) - admission_whitelist_patterns = proto.RepeatedField( + admission_whitelist_patterns: MutableSequence[ + "AdmissionWhitelistPattern" + ] = proto.RepeatedField( proto.MESSAGE, number=2, message="AdmissionWhitelistPattern", ) - cluster_admission_rules = proto.MapField( + cluster_admission_rules: MutableMapping[str, "AdmissionRule"] = proto.MapField( proto.STRING, proto.MESSAGE, number=3, message="AdmissionRule", ) - kubernetes_namespace_admission_rules = proto.MapField( + kubernetes_namespace_admission_rules: MutableMapping[ + str, "AdmissionRule" + ] = proto.MapField( proto.STRING, proto.MESSAGE, number=10, message="AdmissionRule", ) - kubernetes_service_account_admission_rules = proto.MapField( + kubernetes_service_account_admission_rules: MutableMapping[ + str, "AdmissionRule" + ] = proto.MapField( proto.STRING, proto.MESSAGE, number=8, message="AdmissionRule", ) - istio_service_identity_admission_rules = proto.MapField( + istio_service_identity_admission_rules: MutableMapping[ + str, "AdmissionRule" + ] = proto.MapField( proto.STRING, proto.MESSAGE, number=9, message="AdmissionRule", ) - default_admission_rule = proto.Field( + default_admission_rule: "AdmissionRule" = proto.Field( proto.MESSAGE, number=4, message="AdmissionRule", ) - update_time = proto.Field( + update_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=5, message=timestamp_pb2.Timestamp, @@ -165,7 +175,7 @@ class AdmissionWhitelistPattern(proto.Message): i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. """ - name_pattern = proto.Field( + name_pattern: str = proto.Field( proto.STRING, number=1, ) @@ -189,7 +199,7 @@ class AdmissionRule(proto.Message): evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): Required. How this admission rule will be evaluated. - require_attestations_by (Sequence[str]): + require_attestations_by (MutableSequence[str]): Optional. The resource names of the attestors that must attest to a container image, in the format ``projects/*/attestors/*``. Each attestor must exist before @@ -220,16 +230,16 @@ class EnforcementMode(proto.Enum): ENFORCED_BLOCK_AND_AUDIT_LOG = 1 DRYRUN_AUDIT_LOG_ONLY = 2 - evaluation_mode = proto.Field( + evaluation_mode: EvaluationMode = proto.Field( proto.ENUM, number=1, enum=EvaluationMode, ) - require_attestations_by = proto.RepeatedField( + require_attestations_by: MutableSequence[str] = proto.RepeatedField( proto.STRING, number=2, ) - enforcement_mode = proto.Field( + enforcement_mode: EnforcementMode = proto.Field( proto.ENUM, number=3, enum=EnforcementMode, @@ -261,21 +271,21 @@ class Attestor(proto.Message): updated. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) - description = proto.Field( + description: str = proto.Field( proto.STRING, number=6, ) - user_owned_drydock_note = proto.Field( + user_owned_drydock_note: "UserOwnedDrydockNote" = proto.Field( proto.MESSAGE, number=3, oneof="attestor_type", message="UserOwnedDrydockNote", ) - update_time = proto.Field( + update_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=4, message=timestamp_pb2.Timestamp, @@ -298,7 +308,7 @@ class UserOwnedDrydockNote(proto.Message): ATTESTATION_AUTHORITY Occurrence that names a container image and that links to this Note. Drydock is an external dependency. - public_keys (Sequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): + public_keys (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): Optional. Public keys that verify attestations signed by this attestor. This field may be updated. @@ -323,16 +333,16 @@ class UserOwnedDrydockNote(proto.Message): email based on a different naming pattern. """ - note_reference = proto.Field( + note_reference: str = proto.Field( proto.STRING, number=1, ) - public_keys = proto.RepeatedField( + public_keys: MutableSequence["AttestorPublicKey"] = proto.RepeatedField( proto.MESSAGE, number=2, message="AttestorPublicKey", ) - delegation_service_account_email = proto.Field( + delegation_service_account_email: str = proto.Field( proto.STRING, number=3, ) @@ -382,11 +392,11 @@ class SignatureAlgorithm(proto.Enum): ECDSA_P521_SHA512 = 11 EC_SIGN_P521_SHA512 = 11 - public_key_pem = proto.Field( + public_key_pem: str = proto.Field( proto.STRING, number=1, ) - signature_algorithm = proto.Field( + signature_algorithm: SignatureAlgorithm = proto.Field( proto.ENUM, number=2, enum=SignatureAlgorithm, @@ -440,20 +450,20 @@ class AttestorPublicKey(proto.Message): This field is a member of `oneof`_ ``public_key``. """ - comment = proto.Field( + comment: str = proto.Field( proto.STRING, number=1, ) - id = proto.Field( + id: str = proto.Field( proto.STRING, number=2, ) - ascii_armored_pgp_public_key = proto.Field( + ascii_armored_pgp_public_key: str = proto.Field( proto.STRING, number=3, oneof="public_key", ) - pkix_public_key = proto.Field( + pkix_public_key: "PkixPublicKey" = proto.Field( proto.MESSAGE, number=5, oneof="public_key", diff --git a/google/cloud/binaryauthorization_v1beta1/types/service.py b/google/cloud/binaryauthorization_v1beta1/types/service.py index a2ea946..51f8481 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/service.py +++ b/google/cloud/binaryauthorization_v1beta1/types/service.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +from typing import MutableMapping, MutableSequence + import proto # type: ignore from google.cloud.binaryauthorization_v1beta1.types import resources @@ -44,7 +46,7 @@ class GetPolicyRequest(proto.Message): retrieve, in the format ``projects/*/policy``. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -63,7 +65,7 @@ class UpdatePolicyRequest(proto.Message): format ``projects/*/policy``. """ - policy = proto.Field( + policy: resources.Policy = proto.Field( proto.MESSAGE, number=1, message=resources.Policy, @@ -90,15 +92,15 @@ class CreateAttestorRequest(proto.Message): ``projects/*/attestors/*``. """ - parent = proto.Field( + parent: str = proto.Field( proto.STRING, number=1, ) - attestor_id = proto.Field( + attestor_id: str = proto.Field( proto.STRING, number=2, ) - attestor = proto.Field( + attestor: resources.Attestor = proto.Field( proto.MESSAGE, number=3, message=resources.Attestor, @@ -115,7 +117,7 @@ class GetAttestorRequest(proto.Message): to retrieve, in the format ``projects/*/attestors/*``. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -134,7 +136,7 @@ class UpdateAttestorRequest(proto.Message): format ``projects/*/attestors/*``. """ - attestor = proto.Field( + attestor: resources.Attestor = proto.Field( proto.MESSAGE, number=1, message=resources.Attestor, @@ -162,15 +164,15 @@ class ListAttestorsRequest(proto.Message): method. """ - parent = proto.Field( + parent: str = proto.Field( proto.STRING, number=1, ) - page_size = proto.Field( + page_size: int = proto.Field( proto.INT32, number=2, ) - page_token = proto.Field( + page_token: str = proto.Field( proto.STRING, number=3, ) @@ -180,7 +182,7 @@ class ListAttestorsResponse(proto.Message): r"""Response message for [BinauthzManagementService.ListAttestors][]. Attributes: - attestors (Sequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): + attestors (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): The list of [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. next_page_token (str): @@ -195,12 +197,12 @@ class ListAttestorsResponse(proto.Message): def raw_page(self): return self - attestors = proto.RepeatedField( + attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( proto.MESSAGE, number=1, message=resources.Attestor, ) - next_page_token = proto.Field( + next_page_token: str = proto.Field( proto.STRING, number=2, ) @@ -216,7 +218,7 @@ class DeleteAttestorRequest(proto.Message): to delete, in the format ``projects/*/attestors/*``. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) @@ -232,7 +234,7 @@ class GetSystemPolicyRequest(proto.Message): associated with a project. """ - name = proto.Field( + name: str = proto.Field( proto.STRING, number=1, ) diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in deleted file mode 100644 index 25c03c6..0000000 --- a/owl-bot-staging/v1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst deleted file mode 100644 index 1d11618..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1 ---------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst deleted file mode 100644 index d8423c9..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst +++ /dev/null @@ -1,8 +0,0 @@ -Services for Google Cloud Binaryauthorization v1 API -==================================================== -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1 - system_policy_v1 - validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst deleted file mode 100644 index da7e2d4..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1 --------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst deleted file mode 100644 index f693b22..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst +++ /dev/null @@ -1,7 +0,0 @@ -Types for Google Cloud Binaryauthorization v1 API -================================================= - -.. automodule:: google.cloud.binaryauthorization_v1.types - :members: - :undoc-members: - :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst deleted file mode 100644 index 5d92ddc..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -ValidationHelperV1 ------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst deleted file mode 100644 index 5c33d39..0000000 --- a/owl-bot-staging/v1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1/services - binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index cd87c27..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,71 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient - -from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1.types.resources import Attestor -from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1.types.resources import Policy -from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote -from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse - -__all__ = ('BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py deleted file mode 100644 index 4a0253e..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,72 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from .services.system_policy_v1 import SystemPolicyV1Client -from .services.system_policy_v1 import SystemPolicyV1AsyncClient -from .services.validation_helper_v1 import ValidationHelperV1Client -from .services.validation_helper_v1 import ValidationHelperV1AsyncClient - -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedGrafeasNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest -from .types.service import ValidateAttestationOccurrenceRequest -from .types.service import ValidateAttestationOccurrenceResponse - -__all__ = ( - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Client', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedGrafeasNote', -'ValidateAttestationOccurrenceRequest', -'ValidateAttestationOccurrenceResponse', -'ValidationHelperV1Client', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json deleted file mode 100644 index 1d349e7..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json +++ /dev/null @@ -1,141 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1", - "protoPackage": "google.cloud.binaryauthorization.v1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - }, - "ValidationHelperV1": { - "clients": { - "grpc": { - "libraryClient": "ValidationHelperV1Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - }, - "grpc-async": { - "libraryClient": "ValidationHelperV1AsyncClient", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py deleted file mode 100644 index eb79aec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Client -from .async_client import BinauthzManagementServiceV1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py deleted file mode 100644 index f528e30..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py +++ /dev/null @@ -1,1057 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Client - - -class BinauthzManagementServiceV1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - _client: BinauthzManagementServiceV1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py deleted file mode 100644 index 0fbbe00..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ /dev/null @@ -1,1225 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[BinauthzManagementServiceV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, BinauthzManagementServiceV1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Transport): - # transport is a BinauthzManagementServiceV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py deleted file mode 100644 index 2c7aa53..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py deleted file mode 100644 index 7ab66d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Transport -from .grpc import BinauthzManagementServiceV1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Transport', - 'BinauthzManagementServiceV1GrpcTransport', - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py deleted file mode 100644 index 8b1f99d..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py deleted file mode 100644 index d585f2d..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py +++ /dev/null @@ -1,465 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): - """gRPC backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py deleted file mode 100644 index 4b785bf..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,464 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1GrpcTransport - - -class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py deleted file mode 100644 index 61a11e8..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Client -from .async_client import SystemPolicyV1AsyncClient - -__all__ = ( - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py deleted file mode 100644 index 1d2b8ea..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py +++ /dev/null @@ -1,308 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport -from .client import SystemPolicyV1Client - - -class SystemPolicyV1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py deleted file mode 100644 index 9eba291..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ /dev/null @@ -1,509 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -class SystemPolicyV1ClientMeta(type): - """Metaclass for the SystemPolicyV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] - _transport_registry["grpc"] = SystemPolicyV1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[SystemPolicyV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, SystemPolicyV1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Transport): - # transport is a SystemPolicyV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py deleted file mode 100644 index feea8d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Transport -from .grpc import SystemPolicyV1GrpcTransport -from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] -_transport_registry['grpc'] = SystemPolicyV1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Transport', - 'SystemPolicyV1GrpcTransport', - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py deleted file mode 100644 index ab3d729..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py deleted file mode 100644 index 61d64c9..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): - """gRPC backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py deleted file mode 100644 index 3a0e56c..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1GrpcTransport - - -class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py deleted file mode 100644 index 5a441c1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import ValidationHelperV1Client -from .async_client import ValidationHelperV1AsyncClient - -__all__ = ( - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py deleted file mode 100644 index e6b4ad4..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py +++ /dev/null @@ -1,285 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport -from .client import ValidationHelperV1Client - - -class ValidationHelperV1AsyncClient: - """BinAuthz Attestor verification""" - - _client: ValidationHelperV1Client - - DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT - - common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) - parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) - common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) - parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) - common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) - parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) - common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) - parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = ValidationHelperV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def validate_attestation_occurrence(self, - request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.validate_attestation_occurrence, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py deleted file mode 100644 index d4d3744..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ /dev/null @@ -1,478 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import ValidationHelperV1GrpcTransport -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -class ValidationHelperV1ClientMeta(type): - """Metaclass for the ValidationHelperV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] - _transport_registry["grpc"] = ValidationHelperV1GrpcTransport - _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[ValidationHelperV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): - """BinAuthz Attestor verification""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, ValidationHelperV1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, ValidationHelperV1Transport): - # transport is a ValidationHelperV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def validate_attestation_occurrence(self, - request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - # Minor optimization to avoid making a copy if the user passes - # in a service.ValidateAttestationOccurrenceRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ValidateAttestationOccurrenceRequest): - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py deleted file mode 100644 index 09986f1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import ValidationHelperV1Transport -from .grpc import ValidationHelperV1GrpcTransport -from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] -_transport_registry['grpc'] = ValidationHelperV1GrpcTransport -_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport - -__all__ = ( - 'ValidationHelperV1Transport', - 'ValidationHelperV1GrpcTransport', - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py deleted file mode 100644 index 900d488..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py +++ /dev/null @@ -1,154 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class ValidationHelperV1Transport(abc.ABC): - """Abstract transport class for ValidationHelperV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.validate_attestation_occurrence: gapic_v1.method.wrap_method( - self.validate_attestation_occurrence, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Union[ - service.ValidateAttestationOccurrenceResponse, - Awaitable[service.ValidateAttestationOccurrenceResponse] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'ValidationHelperV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py deleted file mode 100644 index 38bdba5..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO - - -class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): - """gRPC backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - service.ValidateAttestationOccurrenceResponse]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - ~.ValidateAttestationOccurrenceResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'ValidationHelperV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py deleted file mode 100644 index 468b3f2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .grpc import ValidationHelperV1GrpcTransport - - -class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): - """gRPC AsyncIO backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Awaitable[service.ValidateAttestationOccurrenceResponse]]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - Awaitable[~.ValidateAttestationOccurrenceResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py deleted file mode 100644 index cddd9b9..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedGrafeasNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, - ValidateAttestationOccurrenceRequest, - ValidateAttestationOccurrenceResponse, -) - -__all__ = ( - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py deleted file mode 100644 index 8c3e400..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py +++ /dev/null @@ -1,463 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedGrafeasNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container - image binary authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: [a-z.-]+, e.g. 'some-namespace' - kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. 'test-ns:default' - istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-istio-service-identity - admission rules. Istio service identity spec - format: - spiffe:///ns//sa/ - or /ns//sa/ - e.g. spiffe://example.com/ns/test-ns/sa/default - default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule: 'AdmissionRule' = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - wildcard, but this is allowed only in text after the - ``registry/`` part. This also supports a trailing ``**`` - wildcard which matches subdirectories of a given entry. - """ - - name_pattern: str = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies - either that all container images used in a pod creation request must - be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1.Attestor], that all - pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (MutableSequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode: EvaluationMode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by: MutableSequence[str] = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode: EnforcementMode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that - attests to container image artifacts. An existing attestor cannot be - modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): - This specifies how an attestation will be - read, and how it will be used during policy - enforcement. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - user_owned_grafeas_note: 'UserOwnedGrafeasNote' = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedGrafeasNote', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedGrafeasNote(proto.Message): - r"""An [user owned Grafeas - note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] - references a Grafeas Attestation.Authority Note created by the user. - - Attributes: - note_reference (str): - Required. The Grafeas resource name of a - Attestation.Authority Note, created by the user, in the - format: ``projects/*/notes/*``. This field may not be - updated. - - An attestation by this attestor is stored as a Grafeas - Attestation.Authority Occurrence that names a container - image and that links to this Note. Grafeas is an external - dependency. - public_keys (MutableSequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference: str = proto.Field( - proto.STRING, - number=1, - ) - public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email: str = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem: str = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm: SignatureAlgorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that - will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment: str = proto.Field( - proto.STRING, - number=1, - ) - id: str = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key: str = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key: 'PkixPublicKey' = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py deleted file mode 100644 index b05cf8b..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py +++ /dev/null @@ -1,319 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from grafeas.v1 import attestation_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] value. - The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] field - with the resource name in the request URL, in the format - ``projects/*/policy``. - """ - - policy: resources.Policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - attestor_id: str = proto.Field( - proto.STRING, - number=2, - ) - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] to - retrieve, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - page_size: int = proto.Field( - proto.INT32, - number=2, - ) - page_token: str = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (MutableSequence[google.cloud.binaryauthorization_v1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token: str = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] to - delete, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class ValidateAttestationOccurrenceRequest(proto.Message): - r"""Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - attestor (str): - Required. The resource name of the - [Attestor][google.cloud.binaryauthorization.v1.Attestor] of - the [occurrence][grafeas.v1.Occurrence], in the format - ``projects/*/attestors/*``. - attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): - Required. An - [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to - be checked that it can be verified by the Attestor. It does - not have to be an existing entity in Container Analysis. It - must otherwise be a valid AttestationOccurrence. - occurrence_note (str): - Required. The resource name of the [Note][grafeas.v1.Note] - to which the containing [Occurrence][grafeas.v1.Occurrence] - is associated. - occurrence_resource_uri (str): - Required. The URI of the artifact (e.g. container image) - that is the subject of the containing - [Occurrence][grafeas.v1.Occurrence]. - """ - - attestor: str = proto.Field( - proto.STRING, - number=1, - ) - attestation: attestation_pb2.AttestationOccurrence = proto.Field( - proto.MESSAGE, - number=2, - message=attestation_pb2.AttestationOccurrence, - ) - occurrence_note: str = proto.Field( - proto.STRING, - number=3, - ) - occurrence_resource_uri: str = proto.Field( - proto.STRING, - number=4, - ) - - -class ValidateAttestationOccurrenceResponse(proto.Message): - r"""Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): - The result of the Attestation validation. - denial_reason (str): - The reason for denial if the Attestation - couldn't be validated. - """ - class Result(proto.Enum): - r"""The enum returned in the "result" field.""" - RESULT_UNSPECIFIED = 0 - VERIFIED = 1 - ATTESTATION_NOT_VERIFIABLE = 2 - - result: Result = proto.Field( - proto.ENUM, - number=1, - enum=Result, - ) - denial_reason: str = proto.Field( - proto.STRING, - number=2, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py deleted file mode 100644 index 9dee1a0..0000000 --- a/owl-bot-staging/v1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py deleted file mode 100644 index 42f52bc..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py deleted file mode 100644 index e51ea8d..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py deleted file mode 100644 index 42c7afa..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py deleted file mode 100644 index e435188..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py deleted file mode 100644 index 61dbe83..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py deleted file mode 100644 index 7272538..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py deleted file mode 100644 index 287a39f..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py deleted file mode 100644 index 108d76c..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py deleted file mode 100644 index 2670d1a..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py deleted file mode 100644 index d7eecc9..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py deleted file mode 100644 index 8f0bd69..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py deleted file mode 100644 index 38073e4..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py deleted file mode 100644 index 12fc571..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py deleted file mode 100644 index d1ce288..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py deleted file mode 100644 index 3458ff1..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py deleted file mode 100644 index 9d84367..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py deleted file mode 100644 index 248502b..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py deleted file mode 100644 index 44cb427..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json deleted file mode 100644 index 6d29a4e..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json +++ /dev/null @@ -1,1466 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization", - "version": "0.1.0" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", - "shortName": "SystemPolicyV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", - "shortName": "SystemPolicyV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", - "shortName": "ValidationHelperV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", - "shortName": "ValidationHelperV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py deleted file mode 100644 index 62deb91..0000000 --- a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py +++ /dev/null @@ -1,184 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt deleted file mode 100644 index aca9f2d..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.7.txt +++ /dev/null @@ -1,11 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py deleted file mode 100644 index d628bd1..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1GrpcTransport, - ) - -def test_binauthz_management_service_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py deleted file mode 100644 index 39f62c7..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1GrpcTransport, "grpc"), - (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_client_get_transport_class(): - transport = SystemPolicyV1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Client, SystemPolicyV1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1GrpcTransport, - ) - -def test_system_policy_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_no_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_with_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py deleted file mode 100644 index 837321c..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py +++ /dev/null @@ -1,1293 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from grafeas.v1 import attestation_pb2 # type: ignore -from grafeas.v1 import common_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.ValidationHelperV1GrpcTransport, "grpc"), - (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_validation_helper_v1_client_get_transport_class(): - transport = ValidationHelperV1Client.get_transport_class() - available_transports = [ - transports.ValidationHelperV1GrpcTransport, - ] - assert transport in available_transports - - transport = ValidationHelperV1Client.get_transport_class("grpc") - assert transport == transports.ValidationHelperV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - ValidationHelperV1Client, ValidationHelperV1AsyncClient -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_validation_helper_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = ValidationHelperV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.ValidateAttestationOccurrenceRequest, - dict, -]) -def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - ) - response = client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -def test_validate_attestation_occurrence_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - client.validate_attestation_occurrence() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - )) - response = await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async_from_dict(): - await test_validate_attestation_occurrence_async(request_type=dict) - - -def test_validate_attestation_occurrence_field_headers(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = service.ValidateAttestationOccurrenceResponse() - client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_field_headers_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) - await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = ValidationHelperV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = ValidationHelperV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.ValidationHelperV1GrpcTransport, - ) - -def test_validation_helper_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_validation_helper_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'validate_attestation_occurrence', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_validation_helper_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_validation_helper_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport() - adc.assert_called_once() - - -def test_validation_helper_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - ValidationHelperV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ValidationHelperV1GrpcTransport, grpc_helpers), - (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_no_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_with_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_validation_helper_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_validation_helper_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_common_billing_account_path(): - billing_account = "squid" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = ValidationHelperV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "clam", - } - path = ValidationHelperV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "whelk" - expected = "folders/{folder}".format(folder=folder, ) - actual = ValidationHelperV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "octopus", - } - path = ValidationHelperV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "oyster" - expected = "organizations/{organization}".format(organization=organization, ) - actual = ValidationHelperV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "nudibranch", - } - path = ValidationHelperV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "cuttlefish" - expected = "projects/{project}".format(project=project, ) - actual = ValidationHelperV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "mussel", - } - path = ValidationHelperV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "winkle" - location = "nautilus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = ValidationHelperV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "scallop", - "location": "abalone", - } - path = ValidationHelperV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - transport_class = ValidationHelperV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1beta1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1beta1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in deleted file mode 100644 index dcb06b9..0000000 --- a/owl-bot-staging/v1beta1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1beta1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst deleted file mode 100644 index 22016d0..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1Beta1 --------------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst deleted file mode 100644 index 0d0e455..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst +++ /dev/null @@ -1,7 +0,0 @@ -Services for Google Cloud Binaryauthorization v1beta1 API -========================================================= -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1_beta1 - system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst deleted file mode 100644 index 70a68bc..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1Beta1 -------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst deleted file mode 100644 index aa0d435..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst +++ /dev/null @@ -1,7 +0,0 @@ -Types for Google Cloud Binaryauthorization v1beta1 API -====================================================== - -.. automodule:: google.cloud.binaryauthorization_v1beta1.types - :members: - :undoc-members: - :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1beta1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst deleted file mode 100644 index 787a5eb..0000000 --- a/owl-bot-staging/v1beta1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1beta1/services - binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index ad30948..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,65 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient - -from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor -from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import Policy -from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote -from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest - -__all__ = ('BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 39fdf61..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,66 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient - -from .types.continuous_validation_logging import ContinuousValidationEvent -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedDrydockNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest - -__all__ = ( - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Beta1Client', -'ContinuousValidationEvent', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Beta1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedDrydockNote', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json deleted file mode 100644 index 65f5f50..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json +++ /dev/null @@ -1,117 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1beta1", - "protoPackage": "google.cloud.binaryauthorization.v1beta1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Beta1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Beta1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1Beta1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py deleted file mode 100644 index c00aba6..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Beta1Client -from .async_client import BinauthzManagementServiceV1Beta1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py deleted file mode 100644 index b00a268..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py +++ /dev/null @@ -1,1063 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Beta1Client - - -class BinauthzManagementServiceV1Beta1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - _client: BinauthzManagementServiceV1Beta1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py deleted file mode 100644 index 43d098d..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ /dev/null @@ -1,1231 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1Beta1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[BinauthzManagementServiceV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, BinauthzManagementServiceV1Beta1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): - # transport is a BinauthzManagementServiceV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py deleted file mode 100644 index 3d12ffa..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py deleted file mode 100644 index 207eade..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Beta1Transport -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', - 'BinauthzManagementServiceV1Beta1GrpcTransport', - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py deleted file mode 100644 index f623a9e..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Beta1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py deleted file mode 100644 index 1ecdd2f..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,469 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index 05bf0a4..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,468 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport - - -class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py deleted file mode 100644 index 3fc064c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Beta1Client -from .async_client import SystemPolicyV1Beta1AsyncClient - -__all__ = ( - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py deleted file mode 100644 index 5f60e3c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py +++ /dev/null @@ -1,309 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport -from .client import SystemPolicyV1Beta1Client - - -class SystemPolicyV1Beta1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Beta1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py deleted file mode 100644 index 73d2151..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ /dev/null @@ -1,510 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1Beta1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -class SystemPolicyV1Beta1ClientMeta(type): - """Metaclass for the SystemPolicyV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] - _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[SystemPolicyV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, SystemPolicyV1Beta1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Beta1Transport): - # transport is a SystemPolicyV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py deleted file mode 100644 index 2afe7f8..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Beta1Transport -from .grpc import SystemPolicyV1Beta1GrpcTransport -from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] -_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Beta1Transport', - 'SystemPolicyV1Beta1GrpcTransport', - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py deleted file mode 100644 index 7332bfe..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Beta1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py deleted file mode 100644 index bbe28c5..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): - """gRPC backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index 21bdee3..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1Beta1GrpcTransport - - -class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py deleted file mode 100644 index 289c81c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .continuous_validation_logging import ( - ContinuousValidationEvent, -) -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedDrydockNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, -) - -__all__ = ( - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py deleted file mode 100644 index 85c30dd..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ /dev/null @@ -1,163 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'ContinuousValidationEvent', - }, -) - - -class ContinuousValidationEvent(proto.Message): - r"""Represents an auditing event from Continuous Validation. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): - Pod event. - - This field is a member of `oneof`_ ``event_type``. - unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): - Unsupported policy event. - - This field is a member of `oneof`_ ``event_type``. - """ - - class ContinuousValidationPodEvent(proto.Message): - r"""An auditing event for one Pod. - - Attributes: - pod_namespace (str): - The k8s namespace of the Pod. - pod (str): - The name of the Pod. - deploy_time (google.protobuf.timestamp_pb2.Timestamp): - Deploy time of the Pod from k8s. - end_time (google.protobuf.timestamp_pb2.Timestamp): - Termination time of the Pod from k8s, or - nothing if still running. - verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): - Auditing verdict for this Pod. - images (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): - List of images with auditing details. - """ - class PolicyConformanceVerdict(proto.Enum): - r"""Audit time policy conformance verdict.""" - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 - VIOLATES_POLICY = 1 - - class ImageDetails(proto.Message): - r"""Container image with auditing details. - - Attributes: - image (str): - The name of the image. - result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): - The result of the audit for this image. - description (str): - Description of the above result. - """ - class AuditResult(proto.Enum): - r"""Result of the audit.""" - AUDIT_RESULT_UNSPECIFIED = 0 - ALLOW = 1 - DENY = 2 - - image: str = proto.Field( - proto.STRING, - number=1, - ) - result: 'ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult' = proto.Field( - proto.ENUM, - number=2, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', - ) - description: str = proto.Field( - proto.STRING, - number=3, - ) - - pod_namespace: str = proto.Field( - proto.STRING, - number=7, - ) - pod: str = proto.Field( - proto.STRING, - number=1, - ) - deploy_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=2, - message=timestamp_pb2.Timestamp, - ) - end_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=3, - message=timestamp_pb2.Timestamp, - ) - verdict: 'ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict' = proto.Field( - proto.ENUM, - number=4, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', - ) - images: MutableSequence['ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails'] = proto.RepeatedField( - proto.MESSAGE, - number=5, - message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', - ) - - class UnsupportedPolicyEvent(proto.Message): - r"""An event describing that the project policy is unsupported by - CV. - - Attributes: - description (str): - A description of the unsupported policy. - """ - - description: str = proto.Field( - proto.STRING, - number=1, - ) - - pod_event: ContinuousValidationPodEvent = proto.Field( - proto.MESSAGE, - number=1, - oneof='event_type', - message=ContinuousValidationPodEvent, - ) - unsupported_policy_event: UnsupportedPolicyEvent = proto.Field( - proto.MESSAGE, - number=2, - oneof='event_type', - message=UnsupportedPolicyEvent, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py deleted file mode 100644 index 8884bab..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ /dev/null @@ -1,463 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedDrydockNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - Binary Authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` - kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. ``test-ns:default`` - istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-istio-service-identity admission rules. Istio - service identity spec format: - ``spiffe:///ns//sa/`` or - ``/ns//sa/`` e.g. - ``spiffe://example.com/ns/test-ns/sa/default`` - default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule: 'AdmissionRule' = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - as a wildcard, but this is allowed only in text after the - ``registry/`` part. ``*`` wildcard does not match ``/``, - i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but - it does not match ``gcr.io/nginx/image``. This also supports - a trailing ``**`` wildcard which matches subdirectories, - i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. - """ - - name_pattern: str = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] - specifies either that all container images used in a pod creation - request must be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that - all pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (MutableSequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode: EvaluationMode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by: MutableSequence[str] = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode: EnforcementMode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - that attests to container image artifacts. An existing attestor - cannot be modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): - A Drydock ATTESTATION_AUTHORITY Note, created by the user. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - user_owned_drydock_note: 'UserOwnedDrydockNote' = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedDrydockNote', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedDrydockNote(proto.Message): - r"""An [user owned drydock - note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] - references a Drydock ATTESTATION_AUTHORITY Note created by the user. - - Attributes: - note_reference (str): - Required. The Drydock resource name of a - ATTESTATION_AUTHORITY Note, created by the user, in the - format: ``projects/*/notes/*`` (or the legacy - ``providers/*/notes/*``). This field may not be updated. - - An attestation by this attestor is stored as a Drydock - ATTESTATION_AUTHORITY Occurrence that names a container - image and that links to this Note. Drydock is an external - dependency. - public_keys (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference: str = proto.Field( - proto.STRING, - number=1, - ) - public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email: str = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem: str = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm: SignatureAlgorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] - that will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment: str = proto.Field( - proto.STRING, - number=1, - ) - id: str = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key: str = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key: 'PkixPublicKey' = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py deleted file mode 100644 index 4b8caad..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py +++ /dev/null @@ -1,243 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - """ - - policy: resources.Policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - attestor_id: str = proto.Field( - proto.STRING, - number=2, - ) - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - page_size: int = proto.Field( - proto.INT32, - number=2, - ) - page_token: str = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token: str = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1beta1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py deleted file mode 100644 index b45044d..0000000 --- a/owl-bot-staging/v1beta1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1beta1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py deleted file mode 100644 index 793b1ea..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py deleted file mode 100644 index 4de96ca..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py deleted file mode 100644 index 3aa680b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py deleted file mode 100644 index 7a0a694..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py deleted file mode 100644 index d3affd0..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py deleted file mode 100644 index b2fa796..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py deleted file mode 100644 index 99deaa5..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py deleted file mode 100644 index ae48362..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py deleted file mode 100644 index 9373d89..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py deleted file mode 100644 index 24f6afc..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py deleted file mode 100644 index 463bb99..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py deleted file mode 100644 index 21ce41a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py deleted file mode 100644 index 2d3f605..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py deleted file mode 100644 index 85ba6b8..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py deleted file mode 100644 index 36a01b4..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py deleted file mode 100644 index 6b68d3b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json deleted file mode 100644 index c59b49a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json +++ /dev/null @@ -1,1313 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1beta1", - "version": "v1beta1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization", - "version": "0.1.0" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", - "shortName": "SystemPolicyV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", - "shortName": "SystemPolicyV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py deleted file mode 100644 index e4d7076..0000000 --- a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py +++ /dev/null @@ -1,183 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1beta1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt deleted file mode 100644 index aca9f2d..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt +++ /dev/null @@ -1,11 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py deleted file mode 100644 index e2b10aa..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_beta1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ) - -def test_binauthz_management_service_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py deleted file mode 100644 index b1902f9..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_beta1_client_get_transport_class(): - transport = SystemPolicyV1Beta1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1Beta1GrpcTransport, - ) - -def test_system_policy_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_no_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_with_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) From 7674c80e3f931d218071f848cc86d7f0c8a14914 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Sat, 12 Nov 2022 13:03:14 +0000 Subject: [PATCH 12/18] update path to snippet metadata json --- release-please-config.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/release-please-config.json b/release-please-config.json index 1c11d10..77a180c 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -5,11 +5,21 @@ "release-type": "python", "extra-files": [ "google/cloud/binaryauthorization/gapic_version.py", + { + "type": "json", + "path": "samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json", + "jsonpath": "$.clientLibrary.version" + }, { "type": "json", "path": "samples/generated_samples/snippet_metadata_binaryauthorization_v1.json", "jsonpath": "$.clientLibrary.version" }, + { + "type": "json", + "path": "samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json", + "jsonpath": "$.clientLibrary.version" + }, { "type": "json", "path": "samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json", From ae08661dd18fe80ef33e1bb3a60a142b2c3455e0 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Sat, 12 Nov 2022 16:18:21 +0000 Subject: [PATCH 13/18] chore: Update gapic-generator-python to v1.6.1 PiperOrigin-RevId: 488036204 Source-Link: https://github.com/googleapis/googleapis/commit/08f275f5c1c0d99056e1cb68376323414459ee19 Source-Link: https://github.com/googleapis/googleapis-gen/commit/555c0945e60649e38739ae64bc45719cdf72178f Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiNTU1YzA5NDVlNjA2NDllMzg3MzlhZTY0YmM0NTcxOWNkZjcyMTc4ZiJ9 --- owl-bot-staging/v1/.coveragerc | 17 + owl-bot-staging/v1/.flake8 | 33 + owl-bot-staging/v1/MANIFEST.in | 2 + owl-bot-staging/v1/README.rst | 49 + .../binauthz_management_service_v1.rst | 10 + .../docs/binaryauthorization_v1/services.rst | 8 + .../system_policy_v1.rst | 6 + .../v1/docs/binaryauthorization_v1/types.rst | 6 + .../validation_helper_v1.rst | 6 + owl-bot-staging/v1/docs/conf.py | 376 ++ owl-bot-staging/v1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 71 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../cloud/binaryauthorization_v1/__init__.py | 72 + .../gapic_metadata.json | 141 + .../cloud/binaryauthorization_v1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1057 ++++++ .../binauthz_management_service_v1/client.py | 1225 +++++++ .../binauthz_management_service_v1/pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 465 +++ .../transports/grpc_asyncio.py | 464 +++ .../services/system_policy_v1/__init__.py | 22 + .../services/system_policy_v1/async_client.py | 308 ++ .../services/system_policy_v1/client.py | 509 +++ .../system_policy_v1/transports/__init__.py | 33 + .../system_policy_v1/transports/base.py | 155 + .../system_policy_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../services/validation_helper_v1/__init__.py | 22 + .../validation_helper_v1/async_client.py | 285 ++ .../services/validation_helper_v1/client.py | 478 +++ .../transports/__init__.py | 33 + .../validation_helper_v1/transports/base.py | 154 + .../validation_helper_v1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../binaryauthorization_v1/types/__init__.py | 58 + .../binaryauthorization_v1/types/resources.py | 463 +++ .../binaryauthorization_v1/types/service.py | 319 ++ owl-bot-staging/v1/mypy.ini | 3 + owl-bot-staging/v1/noxfile.py | 179 + ...gement_service_v1_create_attestor_async.py | 58 + ...agement_service_v1_create_attestor_sync.py | 58 + ...gement_service_v1_delete_attestor_async.py | 50 + ...agement_service_v1_delete_attestor_sync.py | 50 + ...anagement_service_v1_get_attestor_async.py | 52 + ...management_service_v1_get_attestor_sync.py | 52 + ..._management_service_v1_get_policy_async.py | 52 + ...z_management_service_v1_get_policy_sync.py | 52 + ...agement_service_v1_list_attestors_async.py | 53 + ...nagement_service_v1_list_attestors_sync.py | 53 + ...gement_service_v1_update_attestor_async.py | 56 + ...agement_service_v1_update_attestor_sync.py | 56 + ...nagement_service_v1_update_policy_async.py | 56 + ...anagement_service_v1_update_policy_sync.py | 56 + ...ystem_policy_v1_get_system_policy_async.py | 52 + ...system_policy_v1_get_system_policy_sync.py | 52 + ...1_validate_attestation_occurrence_async.py | 54 + ...v1_validate_attestation_occurrence_sync.py | 54 + ...a_google.cloud.binaryauthorization.v1.json | 1466 ++++++++ .../fixup_binaryauthorization_v1_keywords.py | 184 + owl-bot-staging/v1/setup.py | 90 + .../v1/testing/constraints-3.10.txt | 6 + .../v1/testing/constraints-3.11.txt | 6 + .../v1/testing/constraints-3.7.txt | 9 + .../v1/testing/constraints-3.8.txt | 6 + .../v1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1/tests/__init__.py | 16 + owl-bot-staging/v1/tests/unit/__init__.py | 16 + .../v1/tests/unit/gapic/__init__.py | 16 + .../gapic/binaryauthorization_v1/__init__.py | 16 + .../test_binauthz_management_service_v1.py | 3039 +++++++++++++++++ .../test_system_policy_v1.py | 1396 ++++++++ .../test_validation_helper_v1.py | 1293 +++++++ owl-bot-staging/v1beta1/.coveragerc | 17 + owl-bot-staging/v1beta1/.flake8 | 33 + owl-bot-staging/v1beta1/MANIFEST.in | 2 + owl-bot-staging/v1beta1/README.rst | 49 + .../binauthz_management_service_v1_beta1.rst | 10 + .../binaryauthorization_v1beta1/services.rst | 7 + .../system_policy_v1_beta1.rst | 6 + .../binaryauthorization_v1beta1/types.rst | 6 + owl-bot-staging/v1beta1/docs/conf.py | 376 ++ owl-bot-staging/v1beta1/docs/index.rst | 7 + .../cloud/binaryauthorization/__init__.py | 65 + .../binaryauthorization/gapic_version.py | 16 + .../google/cloud/binaryauthorization/py.typed | 2 + .../binaryauthorization_v1beta1/__init__.py | 66 + .../gapic_metadata.json | 117 + .../binaryauthorization_v1beta1/py.typed | 2 + .../services/__init__.py | 15 + .../__init__.py | 22 + .../async_client.py | 1063 ++++++ .../client.py | 1231 +++++++ .../pagers.py | 140 + .../transports/__init__.py | 33 + .../transports/base.py | 282 ++ .../transports/grpc.py | 469 +++ .../transports/grpc_asyncio.py | 468 +++ .../system_policy_v1_beta1/__init__.py | 22 + .../system_policy_v1_beta1/async_client.py | 309 ++ .../services/system_policy_v1_beta1/client.py | 510 +++ .../transports/__init__.py | 33 + .../system_policy_v1_beta1/transports/base.py | 155 + .../system_policy_v1_beta1/transports/grpc.py | 266 ++ .../transports/grpc_asyncio.py | 265 ++ .../types/__init__.py | 58 + .../types/continuous_validation_logging.py | 163 + .../types/resources.py | 463 +++ .../types/service.py | 243 ++ owl-bot-staging/v1beta1/mypy.ini | 3 + owl-bot-staging/v1beta1/noxfile.py | 179 + ..._service_v1_beta1_create_attestor_async.py | 58 + ...t_service_v1_beta1_create_attestor_sync.py | 58 + ..._service_v1_beta1_delete_attestor_async.py | 50 + ...t_service_v1_beta1_delete_attestor_sync.py | 50 + ...ent_service_v1_beta1_get_attestor_async.py | 52 + ...ment_service_v1_beta1_get_attestor_sync.py | 52 + ...ement_service_v1_beta1_get_policy_async.py | 52 + ...gement_service_v1_beta1_get_policy_sync.py | 52 + ...t_service_v1_beta1_list_attestors_async.py | 53 + ...nt_service_v1_beta1_list_attestors_sync.py | 53 + ..._service_v1_beta1_update_attestor_async.py | 56 + ...t_service_v1_beta1_update_attestor_sync.py | 56 + ...nt_service_v1_beta1_update_policy_async.py | 56 + ...ent_service_v1_beta1_update_policy_sync.py | 56 + ...policy_v1_beta1_get_system_policy_async.py | 52 + ..._policy_v1_beta1_get_system_policy_sync.py | 52 + ...gle.cloud.binaryauthorization.v1beta1.json | 1313 +++++++ ...up_binaryauthorization_v1beta1_keywords.py | 183 + owl-bot-staging/v1beta1/setup.py | 90 + .../v1beta1/testing/constraints-3.10.txt | 6 + .../v1beta1/testing/constraints-3.11.txt | 6 + .../v1beta1/testing/constraints-3.7.txt | 9 + .../v1beta1/testing/constraints-3.8.txt | 6 + .../v1beta1/testing/constraints-3.9.txt | 6 + owl-bot-staging/v1beta1/tests/__init__.py | 16 + .../v1beta1/tests/unit/__init__.py | 16 + .../v1beta1/tests/unit/gapic/__init__.py | 16 + .../binaryauthorization_v1beta1/__init__.py | 16 + ...st_binauthz_management_service_v1_beta1.py | 3039 +++++++++++++++++ .../test_system_policy_v1_beta1.py | 1396 ++++++++ 146 files changed, 31290 insertions(+) create mode 100644 owl-bot-staging/v1/.coveragerc create mode 100644 owl-bot-staging/v1/.flake8 create mode 100644 owl-bot-staging/v1/MANIFEST.in create mode 100644 owl-bot-staging/v1/README.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst create mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst create mode 100644 owl-bot-staging/v1/docs/conf.py create mode 100644 owl-bot-staging/v1/docs/index.rst create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py create mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py create mode 100644 owl-bot-staging/v1/mypy.ini create mode 100644 owl-bot-staging/v1/noxfile.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py create mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json create mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py create mode 100644 owl-bot-staging/v1/setup.py create mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1/tests/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py create mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py create mode 100644 owl-bot-staging/v1beta1/.coveragerc create mode 100644 owl-bot-staging/v1beta1/.flake8 create mode 100644 owl-bot-staging/v1beta1/MANIFEST.in create mode 100644 owl-bot-staging/v1beta1/README.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst create mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst create mode 100644 owl-bot-staging/v1beta1/docs/conf.py create mode 100644 owl-bot-staging/v1beta1/docs/index.rst create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py create mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py create mode 100644 owl-bot-staging/v1beta1/mypy.ini create mode 100644 owl-bot-staging/v1beta1/noxfile.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py create mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json create mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py create mode 100644 owl-bot-staging/v1beta1/setup.py create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt create mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt create mode 100644 owl-bot-staging/v1beta1/tests/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py create mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in new file mode 100644 index 0000000..25c03c6 --- /dev/null +++ b/owl-bot-staging/v1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst new file mode 100644 index 0000000..1d11618 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1 +--------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst new file mode 100644 index 0000000..d8423c9 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst @@ -0,0 +1,8 @@ +Services for Google Cloud Binaryauthorization v1 API +==================================================== +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1 + system_policy_v1 + validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst new file mode 100644 index 0000000..da7e2d4 --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1 +-------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst new file mode 100644 index 0000000..31fd1da --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst @@ -0,0 +1,6 @@ +Types for Google Cloud Binaryauthorization v1 API +================================================= + +.. automodule:: google.cloud.binaryauthorization_v1.types + :members: + :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst new file mode 100644 index 0000000..5d92ddc --- /dev/null +++ b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst @@ -0,0 +1,6 @@ +ValidationHelperV1 +------------------------------------ + +.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst new file mode 100644 index 0000000..5c33d39 --- /dev/null +++ b/owl-bot-staging/v1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1/services + binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..cd87c27 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,71 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient + +from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1.types.resources import Attestor +from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1.types.resources import Policy +from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote +from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest +from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse + +__all__ = ('BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..4a0253e --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py @@ -0,0 +1,72 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from .services.system_policy_v1 import SystemPolicyV1Client +from .services.system_policy_v1 import SystemPolicyV1AsyncClient +from .services.validation_helper_v1 import ValidationHelperV1Client +from .services.validation_helper_v1 import ValidationHelperV1AsyncClient + +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedGrafeasNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest +from .types.service import ValidateAttestationOccurrenceRequest +from .types.service import ValidateAttestationOccurrenceResponse + +__all__ = ( + 'BinauthzManagementServiceV1AsyncClient', + 'SystemPolicyV1AsyncClient', + 'ValidationHelperV1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Client', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedGrafeasNote', +'ValidateAttestationOccurrenceRequest', +'ValidateAttestationOccurrenceResponse', +'ValidationHelperV1Client', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json new file mode 100644 index 0000000..1d349e7 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json @@ -0,0 +1,141 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1", + "protoPackage": "google.cloud.binaryauthorization.v1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + }, + "ValidationHelperV1": { + "clients": { + "grpc": { + "libraryClient": "ValidationHelperV1Client", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + }, + "grpc-async": { + "libraryClient": "ValidationHelperV1AsyncClient", + "rpcs": { + "ValidateAttestationOccurrence": { + "methods": [ + "validate_attestation_occurrence" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py new file mode 100644 index 0000000..eb79aec --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Client +from .async_client import BinauthzManagementServiceV1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Client', + 'BinauthzManagementServiceV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py new file mode 100644 index 0000000..f528e30 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py @@ -0,0 +1,1057 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Client + + +class BinauthzManagementServiceV1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + _client: BinauthzManagementServiceV1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py new file mode 100644 index 0000000..0fbbe00 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -0,0 +1,1225 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[BinauthzManagementServiceV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, BinauthzManagementServiceV1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Transport): + # transport is a BinauthzManagementServiceV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py new file mode 100644 index 0000000..2c7aa53 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py new file mode 100644 index 0000000..7ab66d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Transport +from .grpc import BinauthzManagementServiceV1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Transport', + 'BinauthzManagementServiceV1GrpcTransport', + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py new file mode 100644 index 0000000..8b1f99d --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py new file mode 100644 index 0000000..d585f2d --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py @@ -0,0 +1,465 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): + """gRPC backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..4b785bf --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py @@ -0,0 +1,464 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1GrpcTransport + + +class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1.Policy] specifies + the [attestors][google.cloud.binaryauthorization.v1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the [policy][google.cloud.binaryauthorization.v1.Policy] + for this project. Returns a default + [policy][google.cloud.binaryauthorization.v1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1.Policy]. A policy + is always updated as a whole, to avoid race conditions with + concurrent policy enforcement (or management!) requests. Returns + NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the + request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1.Attestor], and + returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the [attestor][google.cloud.binaryauthorization.v1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1.Attestor] does + not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py new file mode 100644 index 0000000..61a11e8 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Client +from .async_client import SystemPolicyV1AsyncClient + +__all__ = ( + 'SystemPolicyV1Client', + 'SystemPolicyV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py new file mode 100644 index 0000000..1d2b8ea --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py @@ -0,0 +1,308 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport +from .client import SystemPolicyV1Client + + +class SystemPolicyV1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1AsyncClient: The constructed client. + """ + return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py new file mode 100644 index 0000000..9eba291 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -0,0 +1,509 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +class SystemPolicyV1ClientMeta(type): + """Metaclass for the SystemPolicyV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] + _transport_registry["grpc"] = SystemPolicyV1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SystemPolicyV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SystemPolicyV1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Transport): + # transport is a SystemPolicyV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.Policy: + A [policy][google.cloud.binaryauthorization.v1.Policy] + for container image binary authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py new file mode 100644 index 0000000..feea8d2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Transport +from .grpc import SystemPolicyV1GrpcTransport +from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] +_transport_registry['grpc'] = SystemPolicyV1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Transport', + 'SystemPolicyV1GrpcTransport', + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py new file mode 100644 index 0000000..ab3d729 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py new file mode 100644 index 0000000..61d64c9 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): + """gRPC backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..3a0e56c --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1GrpcTransport + + +class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py new file mode 100644 index 0000000..5a441c1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import ValidationHelperV1Client +from .async_client import ValidationHelperV1AsyncClient + +__all__ = ( + 'ValidationHelperV1Client', + 'ValidationHelperV1AsyncClient', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py new file mode 100644 index 0000000..e6b4ad4 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py @@ -0,0 +1,285 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport +from .client import ValidationHelperV1Client + + +class ValidationHelperV1AsyncClient: + """BinAuthz Attestor verification""" + + _client: ValidationHelperV1Client + + DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT + + common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) + parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) + common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) + parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) + common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) + parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) + common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) + parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1AsyncClient: The constructed client. + """ + return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = ValidationHelperV1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def validate_attestation_occurrence(self, + request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.validate_attestation_occurrence, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1AsyncClient", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py new file mode 100644 index 0000000..d4d3744 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -0,0 +1,478 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import ValidationHelperV1GrpcTransport +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +class ValidationHelperV1ClientMeta(type): + """Metaclass for the ValidationHelperV1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] + _transport_registry["grpc"] = ValidationHelperV1GrpcTransport + _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[ValidationHelperV1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): + """BinAuthz Attestor verification""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + ValidationHelperV1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> ValidationHelperV1Transport: + """Returns the transport used by the client instance. + + Returns: + ValidationHelperV1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, ValidationHelperV1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the validation helper v1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ValidationHelperV1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, ValidationHelperV1Transport): + # transport is a ValidationHelperV1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def validate_attestation_occurrence(self, + request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, + *, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> service.ValidateAttestationOccurrenceResponse: + r"""Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1 + + def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): + The request object. Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: + Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + """ + # Create or coerce a protobuf request object. + # Minor optimization to avoid making a copy if the user passes + # in a service.ValidateAttestationOccurrenceRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ValidateAttestationOccurrenceRequest): + request = service.ValidateAttestationOccurrenceRequest(request) + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor", request.attestor), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "ValidationHelperV1Client", +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py new file mode 100644 index 0000000..09986f1 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import ValidationHelperV1Transport +from .grpc import ValidationHelperV1GrpcTransport +from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] +_transport_registry['grpc'] = ValidationHelperV1GrpcTransport +_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport + +__all__ = ( + 'ValidationHelperV1Transport', + 'ValidationHelperV1GrpcTransport', + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py new file mode 100644 index 0000000..900d488 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py @@ -0,0 +1,154 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class ValidationHelperV1Transport(abc.ABC): + """Abstract transport class for ValidationHelperV1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.validate_attestation_occurrence: gapic_v1.method.wrap_method( + self.validate_attestation_occurrence, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Union[ + service.ValidateAttestationOccurrenceResponse, + Awaitable[service.ValidateAttestationOccurrenceResponse] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'ValidationHelperV1Transport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py new file mode 100644 index 0000000..38bdba5 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + + +class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): + """gRPC backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + service.ValidateAttestationOccurrenceResponse]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + ~.ValidateAttestationOccurrenceResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'ValidationHelperV1GrpcTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py new file mode 100644 index 0000000..468b3f2 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1.types import service +from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO +from .grpc import ValidationHelperV1GrpcTransport + + +class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): + """gRPC AsyncIO backend transport for ValidationHelperV1. + + BinAuthz Attestor verification + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def validate_attestation_occurrence(self) -> Callable[ + [service.ValidateAttestationOccurrenceRequest], + Awaitable[service.ValidateAttestationOccurrenceResponse]]: + r"""Return a callable for the validate attestation + occurrence method over gRPC. + + Returns whether the given Attestation for the given + image URI was signed by the given Attestor + + Returns: + Callable[[~.ValidateAttestationOccurrenceRequest], + Awaitable[~.ValidateAttestationOccurrenceResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'validate_attestation_occurrence' not in self._stubs: + self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', + request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, + response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, + ) + return self._stubs['validate_attestation_occurrence'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'ValidationHelperV1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py new file mode 100644 index 0000000..cddd9b9 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedGrafeasNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, + ValidateAttestationOccurrenceRequest, + ValidateAttestationOccurrenceResponse, +) + +__all__ = ( + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedGrafeasNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', +) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py new file mode 100644 index 0000000..8c3e400 --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py @@ -0,0 +1,463 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedGrafeasNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container + image binary authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: [a-z.-]+, e.g. 'some-namespace' + kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. 'test-ns:default' + istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): + Optional. Per-istio-service-identity + admission rules. Istio service identity spec + format: + spiffe:///ns//sa/ + or /ns//sa/ + e.g. spiffe://example.com/ns/test-ns/sa/default + default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule: 'AdmissionRule' = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + wildcard, but this is allowed only in text after the + ``registry/`` part. This also supports a trailing ``**`` + wildcard which matches subdirectories of a given entry. + """ + + name_pattern: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies + either that all container images used in a pod creation request must + be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1.Attestor], that all + pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (MutableSequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode: EvaluationMode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by: MutableSequence[str] = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode: EnforcementMode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that + attests to container image artifacts. An existing attestor cannot be + modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): + This specifies how an attestation will be + read, and how it will be used during policy + enforcement. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + user_owned_grafeas_note: 'UserOwnedGrafeasNote' = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedGrafeasNote', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedGrafeasNote(proto.Message): + r"""An [user owned Grafeas + note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] + references a Grafeas Attestation.Authority Note created by the user. + + Attributes: + note_reference (str): + Required. The Grafeas resource name of a + Attestation.Authority Note, created by the user, in the + format: ``projects/*/notes/*``. This field may not be + updated. + + An attestation by this attestor is stored as a Grafeas + Attestation.Authority Occurrence that names a container + image and that links to this Note. Grafeas is an external + dependency. + public_keys (MutableSequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference: str = proto.Field( + proto.STRING, + number=1, + ) + public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email: str = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem: str = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm: SignatureAlgorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that + will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment: str = proto.Field( + proto.STRING, + number=1, + ) + id: str = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key: str = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key: 'PkixPublicKey' = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py new file mode 100644 index 0000000..b05cf8b --- /dev/null +++ b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py @@ -0,0 +1,319 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.binaryauthorization_v1.types import resources +from grafeas.v1 import attestation_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + 'ValidateAttestationOccurrenceRequest', + 'ValidateAttestationOccurrenceResponse', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1.Policy] value. + The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1.Policy.name] field + with the resource name in the request URL, in the format + ``projects/*/policy``. + """ + + policy: resources.Policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + attestor_id: str = proto.Field( + proto.STRING, + number=2, + ) + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1.Attestor] to + retrieve, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (MutableSequence[google.cloud.binaryauthorization_v1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1.Attestor] to + delete, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class ValidateAttestationOccurrenceRequest(proto.Message): + r"""Request message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + attestor (str): + Required. The resource name of the + [Attestor][google.cloud.binaryauthorization.v1.Attestor] of + the [occurrence][grafeas.v1.Occurrence], in the format + ``projects/*/attestors/*``. + attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): + Required. An + [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to + be checked that it can be verified by the Attestor. It does + not have to be an existing entity in Container Analysis. It + must otherwise be a valid AttestationOccurrence. + occurrence_note (str): + Required. The resource name of the [Note][grafeas.v1.Note] + to which the containing [Occurrence][grafeas.v1.Occurrence] + is associated. + occurrence_resource_uri (str): + Required. The URI of the artifact (e.g. container image) + that is the subject of the containing + [Occurrence][grafeas.v1.Occurrence]. + """ + + attestor: str = proto.Field( + proto.STRING, + number=1, + ) + attestation: attestation_pb2.AttestationOccurrence = proto.Field( + proto.MESSAGE, + number=2, + message=attestation_pb2.AttestationOccurrence, + ) + occurrence_note: str = proto.Field( + proto.STRING, + number=3, + ) + occurrence_resource_uri: str = proto.Field( + proto.STRING, + number=4, + ) + + +class ValidateAttestationOccurrenceResponse(proto.Message): + r"""Response message for + [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. + + Attributes: + result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): + The result of the Attestation validation. + denial_reason (str): + The reason for denial if the Attestation + couldn't be validated. + """ + class Result(proto.Enum): + r"""The enum returned in the "result" field.""" + RESULT_UNSPECIFIED = 0 + VERIFIED = 1 + ATTESTATION_NOT_VERIFIABLE = 2 + + result: Result = proto.Field( + proto.ENUM, + number=1, + enum=Result, + ) + denial_reason: str = proto.Field( + proto.STRING, + number=2, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py new file mode 100644 index 0000000..9dee1a0 --- /dev/null +++ b/owl-bot-staging/v1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py new file mode 100644 index 0000000..42f52bc --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py new file mode 100644 index 0000000..e51ea8d --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py new file mode 100644 index 0000000..42c7afa --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py new file mode 100644 index 0000000..e435188 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py new file mode 100644 index 0000000..61dbe83 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py new file mode 100644 index 0000000..7272538 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py new file mode 100644 index 0000000..287a39f --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py new file mode 100644 index 0000000..108d76c --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py new file mode 100644 index 0000000..2670d1a --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py new file mode 100644 index 0000000..d7eecc9 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py new file mode 100644 index 0000000..8f0bd69 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py new file mode 100644 index 0000000..38073e4 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1.Attestor() + attestor.user_owned_grafeas_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py new file mode 100644 index 0000000..12fc571 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py new file mode 100644 index 0000000..d1ce288 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1.BinauthzManagementServiceV1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py new file mode 100644 index 0000000..3458ff1 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py new file mode 100644 index 0000000..9d84367 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1.SystemPolicyV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py new file mode 100644 index 0000000..248502b --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +async def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = await client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py new file mode 100644 index 0000000..44cb427 --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ValidateAttestationOccurrence +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1 + + +def sample_validate_attestation_occurrence(): + # Create a client + client = binaryauthorization_v1.ValidationHelperV1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( + attestor="attestor_value", + occurrence_note="occurrence_note_value", + occurrence_resource_uri="occurrence_resource_uri_value", + ) + + # Make the request + response = client.validate_attestation_occurrence(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json new file mode 100644 index 0000000..6d29a4e --- /dev/null +++ b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json @@ -0,0 +1,1466 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1", + "version": "v1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", + "shortName": "BinauthzManagementServiceV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", + "shortName": "BinauthzManagementServiceV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", + "shortName": "BinauthzManagementServiceV1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", + "shortName": "SystemPolicyV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", + "shortName": "SystemPolicyV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", + "shortName": "SystemPolicyV1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", + "shortName": "ValidationHelperV1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", + "shortName": "ValidationHelperV1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", + "method": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", + "service": { + "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", + "shortName": "ValidationHelperV1" + }, + "shortName": "ValidateAttestationOccurrence" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", + "shortName": "validate_attestation_occurrence" + }, + "description": "Sample for ValidateAttestationOccurrence", + "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", + "segments": [ + { + "end": 53, + "start": 27, + "type": "FULL" + }, + { + "end": 53, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 47, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 50, + "start": 48, + "type": "REQUEST_EXECUTION" + }, + { + "end": 54, + "start": 51, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py new file mode 100644 index 0000000..62deb91 --- /dev/null +++ b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py @@ -0,0 +1,184 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt new file mode 100644 index 0000000..6f3158c --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.7.txt @@ -0,0 +1,9 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py new file mode 100644 index 0000000..d628bd1 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Client, "grpc"), + (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) +@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) +def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1GrpcTransport, + ) + +def test_binauthz_management_service_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1GrpcTransport, + transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), + (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py new file mode 100644 index 0000000..39f62c7 --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client +from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports +from google.cloud.binaryauthorization_v1.types import resources +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1GrpcTransport, "grpc"), + (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Client, "grpc"), + (SystemPolicyV1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_client_get_transport_class(): + transport = SystemPolicyV1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Client, SystemPolicyV1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) +@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) +def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1GrpcTransport, + ) + +def test_system_policy_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1GrpcTransport, + transports.SystemPolicyV1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_no_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_host_with_port(transport_name): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) +def test_system_policy_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), + (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py new file mode 100644 index 0000000..837321c --- /dev/null +++ b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py @@ -0,0 +1,1293 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client +from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports +from google.cloud.binaryauthorization_v1.types import service +from google.oauth2 import service_account +from grafeas.v1 import attestation_pb2 # type: ignore +from grafeas.v1 import common_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.ValidationHelperV1GrpcTransport, "grpc"), + (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (ValidationHelperV1Client, "grpc"), + (ValidationHelperV1AsyncClient, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_validation_helper_v1_client_get_transport_class(): + transport = ValidationHelperV1Client.get_transport_class() + available_transports = [ + transports.ValidationHelperV1GrpcTransport, + ] + assert transport in available_transports + + transport = ValidationHelperV1Client.get_transport_class("grpc") + assert transport == transports.ValidationHelperV1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + ValidationHelperV1Client, ValidationHelperV1AsyncClient +]) +@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) +@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) +def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_validation_helper_v1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = ValidationHelperV1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.ValidateAttestationOccurrenceRequest, + dict, +]) +def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + ) + response = client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +def test_validate_attestation_occurrence_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + client.validate_attestation_occurrence() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( + result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, + denial_reason='denial_reason_value', + )) + response = await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ValidateAttestationOccurrenceRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, service.ValidateAttestationOccurrenceResponse) + assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED + assert response.denial_reason == 'denial_reason_value' + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_async_from_dict(): + await test_validate_attestation_occurrence_async(request_type=dict) + + +def test_validate_attestation_occurrence_field_headers(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = service.ValidateAttestationOccurrenceResponse() + client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_validate_attestation_occurrence_field_headers_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ValidateAttestationOccurrenceRequest() + + request.attestor = 'attestor_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.validate_attestation_occurrence), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) + await client.validate_attestation_occurrence(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor=attestor_value', + ) in kw['metadata'] + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = ValidationHelperV1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = ValidationHelperV1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.ValidationHelperV1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = ValidationHelperV1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.ValidationHelperV1GrpcTransport, + ) + +def test_validation_helper_v1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_validation_helper_v1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.ValidationHelperV1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'validate_attestation_occurrence', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_validation_helper_v1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_validation_helper_v1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.ValidationHelperV1Transport() + adc.assert_called_once() + + +def test_validation_helper_v1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + ValidationHelperV1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.ValidationHelperV1GrpcTransport, + transports.ValidationHelperV1GrpcAsyncIOTransport, + ], +) +def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.ValidationHelperV1GrpcTransport, grpc_helpers), + (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_no_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_validation_helper_v1_host_with_port(transport_name): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_validation_helper_v1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_validation_helper_v1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.ValidationHelperV1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) +def test_validation_helper_v1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_common_billing_account_path(): + billing_account = "squid" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = ValidationHelperV1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "clam", + } + path = ValidationHelperV1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "whelk" + expected = "folders/{folder}".format(folder=folder, ) + actual = ValidationHelperV1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "octopus", + } + path = ValidationHelperV1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "oyster" + expected = "organizations/{organization}".format(organization=organization, ) + actual = ValidationHelperV1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "nudibranch", + } + path = ValidationHelperV1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "cuttlefish" + expected = "projects/{project}".format(project=project, ) + actual = ValidationHelperV1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "mussel", + } + path = ValidationHelperV1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "winkle" + location = "nautilus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = ValidationHelperV1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "scallop", + "location": "abalone", + } + path = ValidationHelperV1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = ValidationHelperV1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: + transport_class = ValidationHelperV1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = ValidationHelperV1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = ValidationHelperV1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), + (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc new file mode 100644 index 0000000..95c4014 --- /dev/null +++ b/owl-bot-staging/v1beta1/.coveragerc @@ -0,0 +1,17 @@ +[run] +branch = True + +[report] +show_missing = True +omit = + google/cloud/binaryauthorization/__init__.py +exclude_lines = + # Re-enable the standard pragma + pragma: NO COVER + # Ignore debug-only repr + def __repr__ + # Ignore pkg_resources exceptions. + # This is added at the module level as a safeguard for if someone + # generates the code and tries to run it without pip installing. This + # makes it virtually impossible to test properly. + except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 new file mode 100644 index 0000000..29227d4 --- /dev/null +++ b/owl-bot-staging/v1beta1/.flake8 @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generated by synthtool. DO NOT EDIT! +[flake8] +ignore = E203, E266, E501, W503 +exclude = + # Exclude generated code. + **/proto/** + **/gapic/** + **/services/** + **/types/** + *_pb2.py + + # Standard linting exemptions. + **/.nox/** + __pycache__, + .git, + *.pyc, + conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in new file mode 100644 index 0000000..dcb06b9 --- /dev/null +++ b/owl-bot-staging/v1beta1/MANIFEST.in @@ -0,0 +1,2 @@ +recursive-include google/cloud/binaryauthorization *.py +recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst new file mode 100644 index 0000000..3e96e33 --- /dev/null +++ b/owl-bot-staging/v1beta1/README.rst @@ -0,0 +1,49 @@ +Python Client for Google Cloud Binaryauthorization API +================================================= + +Quick Start +----------- + +In order to use this library, you first need to go through the following steps: + +1. `Select or create a Cloud Platform project.`_ +2. `Enable billing for your project.`_ +3. Enable the Google Cloud Binaryauthorization API. +4. `Setup Authentication.`_ + +.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project +.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project +.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html + +Installation +~~~~~~~~~~~~ + +Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to +create isolated Python environments. The basic problem it addresses is one of +dependencies and versions, and indirectly permissions. + +With `virtualenv`_, it's possible to install this library without needing system +install permissions, and without clashing with the installed system +dependencies. + +.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ + + +Mac/Linux +^^^^^^^^^ + +.. code-block:: console + + python3 -m venv + source /bin/activate + /bin/pip install /path/to/library + + +Windows +^^^^^^^ + +.. code-block:: console + + python3 -m venv + \Scripts\activate + \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst new file mode 100644 index 0000000..22016d0 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst @@ -0,0 +1,10 @@ +BinauthzManagementServiceV1Beta1 +-------------------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 + :members: + :inherited-members: + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst new file mode 100644 index 0000000..0d0e455 --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst @@ -0,0 +1,7 @@ +Services for Google Cloud Binaryauthorization v1beta1 API +========================================================= +.. toctree:: + :maxdepth: 2 + + binauthz_management_service_v1_beta1 + system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst new file mode 100644 index 0000000..70a68bc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst @@ -0,0 +1,6 @@ +SystemPolicyV1Beta1 +------------------------------------- + +.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 + :members: + :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst new file mode 100644 index 0000000..3b8ecee --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst @@ -0,0 +1,6 @@ +Types for Google Cloud Binaryauthorization v1beta1 API +====================================================== + +.. automodule:: google.cloud.binaryauthorization_v1beta1.types + :members: + :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py new file mode 100644 index 0000000..feecefc --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/conf.py @@ -0,0 +1,376 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +# google-cloud-binaryauthorization documentation build configuration file +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys +import os +import shlex + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +sys.path.insert(0, os.path.abspath("..")) + +__version__ = "0.1.0" + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +needs_sphinx = "4.0.1" + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + "sphinx.ext.autodoc", + "sphinx.ext.autosummary", + "sphinx.ext.intersphinx", + "sphinx.ext.coverage", + "sphinx.ext.napoleon", + "sphinx.ext.todo", + "sphinx.ext.viewcode", +] + +# autodoc/autosummary flags +autoclass_content = "both" +autodoc_default_flags = ["members"] +autosummary_generate = True + + +# Add any paths that contain templates here, relative to this directory. +templates_path = ["_templates"] + +# Allow markdown includes (so releases.md can include CHANGLEOG.md) +# http://www.sphinx-doc.org/en/master/markdown.html +source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +source_suffix = [".rst", ".md"] + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The root toctree document. +root_doc = "index" + +# General information about the project. +project = u"google-cloud-binaryauthorization" +copyright = u"2022, Google, LLC" +author = u"Google APIs" # TODO: autogenerate this bit + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The full version, including alpha/beta/rc tags. +release = __version__ +# The short X.Y version. +version = ".".join(release.split(".")[0:2]) + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ["_build"] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = "sphinx" + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = True + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = "alabaster" + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +html_theme_options = { + "description": "Google Cloud Client Libraries for Python", + "github_user": "googleapis", + "github_repo": "google-cloud-python", + "github_banner": True, + "font_family": "'Roboto', Georgia, sans", + "head_font_family": "'Roboto', Georgia, serif", + "code_font_family": "'Roboto Mono', 'Consolas', monospace", +} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ["_static"] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = "google-cloud-binaryauthorization-doc" + +# -- Options for warnings ------------------------------------------------------ + + +suppress_warnings = [ + # Temporarily suppress this to avoid "more than one target found for + # cross-reference" warning, which are intractable for us to avoid while in + # a mono-repo. + # See https://github.com/sphinx-doc/sphinx/blob + # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 + "ref.python" +] + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization.tex", + u"google-cloud-binaryauthorization Documentation", + author, + "manual", + ) +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"Google Cloud Binaryauthorization Documentation", + [author], + 1, + ) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ( + root_doc, + "google-cloud-binaryauthorization", + u"google-cloud-binaryauthorization Documentation", + author, + "google-cloud-binaryauthorization", + "GAPIC library for Google Cloud Binaryauthorization API", + "APIs", + ) +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + + +# Example configuration for intersphinx: refer to the Python standard library. +intersphinx_mapping = { + "python": ("http://python.readthedocs.org/en/latest/", None), + "gax": ("https://gax-python.readthedocs.org/en/latest/", None), + "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), + "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), + "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), + "grpc": ("https://grpc.io/grpc/python/", None), + "requests": ("http://requests.kennethreitz.org/en/stable/", None), + "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), + "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), +} + + +# Napoleon settings +napoleon_google_docstring = True +napoleon_numpy_docstring = True +napoleon_include_private_with_doc = False +napoleon_include_special_with_doc = True +napoleon_use_admonition_for_examples = False +napoleon_use_admonition_for_notes = False +napoleon_use_admonition_for_references = False +napoleon_use_ivar = False +napoleon_use_param = True +napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst new file mode 100644 index 0000000..787a5eb --- /dev/null +++ b/owl-bot-staging/v1beta1/docs/index.rst @@ -0,0 +1,7 @@ +API Reference +------------- +.. toctree:: + :maxdepth: 2 + + binaryauthorization_v1beta1/services + binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py new file mode 100644 index 0000000..ad30948 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py @@ -0,0 +1,65 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient + +from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern +from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor +from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey +from google.cloud.binaryauthorization_v1beta1.types.resources import Policy +from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote +from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest +from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse +from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest +from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest + +__all__ = ('BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py new file mode 100644 index 0000000..35859c3 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py @@ -0,0 +1,16 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..39fdf61 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,66 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from google.cloud.binaryauthorization import gapic_version as package_version + +__version__ = package_version.__version__ + + +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient + +from .types.continuous_validation_logging import ContinuousValidationEvent +from .types.resources import AdmissionRule +from .types.resources import AdmissionWhitelistPattern +from .types.resources import Attestor +from .types.resources import AttestorPublicKey +from .types.resources import PkixPublicKey +from .types.resources import Policy +from .types.resources import UserOwnedDrydockNote +from .types.service import CreateAttestorRequest +from .types.service import DeleteAttestorRequest +from .types.service import GetAttestorRequest +from .types.service import GetPolicyRequest +from .types.service import GetSystemPolicyRequest +from .types.service import ListAttestorsRequest +from .types.service import ListAttestorsResponse +from .types.service import UpdateAttestorRequest +from .types.service import UpdatePolicyRequest + +__all__ = ( + 'BinauthzManagementServiceV1Beta1AsyncClient', + 'SystemPolicyV1Beta1AsyncClient', +'AdmissionRule', +'AdmissionWhitelistPattern', +'Attestor', +'AttestorPublicKey', +'BinauthzManagementServiceV1Beta1Client', +'ContinuousValidationEvent', +'CreateAttestorRequest', +'DeleteAttestorRequest', +'GetAttestorRequest', +'GetPolicyRequest', +'GetSystemPolicyRequest', +'ListAttestorsRequest', +'ListAttestorsResponse', +'PkixPublicKey', +'Policy', +'SystemPolicyV1Beta1Client', +'UpdateAttestorRequest', +'UpdatePolicyRequest', +'UserOwnedDrydockNote', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json new file mode 100644 index 0000000..65f5f50 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json @@ -0,0 +1,117 @@ + { + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "python", + "libraryPackage": "google.cloud.binaryauthorization_v1beta1", + "protoPackage": "google.cloud.binaryauthorization.v1beta1", + "schema": "1.0", + "services": { + "BinauthzManagementServiceV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "BinauthzManagementServiceV1Beta1Client", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", + "rpcs": { + "CreateAttestor": { + "methods": [ + "create_attestor" + ] + }, + "DeleteAttestor": { + "methods": [ + "delete_attestor" + ] + }, + "GetAttestor": { + "methods": [ + "get_attestor" + ] + }, + "GetPolicy": { + "methods": [ + "get_policy" + ] + }, + "ListAttestors": { + "methods": [ + "list_attestors" + ] + }, + "UpdateAttestor": { + "methods": [ + "update_attestor" + ] + }, + "UpdatePolicy": { + "methods": [ + "update_policy" + ] + } + } + } + } + }, + "SystemPolicyV1Beta1": { + "clients": { + "grpc": { + "libraryClient": "SystemPolicyV1Beta1Client", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + }, + "grpc-async": { + "libraryClient": "SystemPolicyV1Beta1AsyncClient", + "rpcs": { + "GetSystemPolicy": { + "methods": [ + "get_system_policy" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed new file mode 100644 index 0000000..5afd9ec --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed @@ -0,0 +1,2 @@ +# Marker file for PEP 561. +# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py new file mode 100644 index 0000000..e8e1c38 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py new file mode 100644 index 0000000..c00aba6 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import BinauthzManagementServiceV1Beta1Client +from .async_client import BinauthzManagementServiceV1Beta1AsyncClient + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Client', + 'BinauthzManagementServiceV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py new file mode 100644 index 0000000..b00a268 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py @@ -0,0 +1,1063 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport +from .client import BinauthzManagementServiceV1Beta1Client + + +class BinauthzManagementServiceV1Beta1AsyncClient: + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + _client: BinauthzManagementServiceV1Beta1Client + + DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) + parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) + policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) + parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. + """ + return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = BinauthzManagementServiceV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (:class:`str`): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdatePolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (:class:`str`): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (:class:`str`): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.CreateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.create_attestor, + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (:class:`str`): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.UpdateAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsAsyncPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (:class:`str`): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.ListAttestorsRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__aiter__` convenience method. + response = pagers.ListAttestorsAsyncPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (:class:`str`): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.DeleteAttestorRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py new file mode 100644 index 0000000..43d098d --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -0,0 +1,1231 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +class BinauthzManagementServiceV1Beta1ClientMeta(type): + """Metaclass for the BinauthzManagementServiceV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] + _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[BinauthzManagementServiceV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): + """Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + """ + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + BinauthzManagementServiceV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> BinauthzManagementServiceV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + BinauthzManagementServiceV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def attestor_path(project: str,attestor: str,) -> str: + """Returns a fully-qualified attestor string.""" + return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + + @staticmethod + def parse_attestor_path(path: str) -> Dict[str,str]: + """Parses a attestor path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, BinauthzManagementServiceV1Beta1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the binauthz management service v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): + # transport is a BinauthzManagementServiceV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_policy(self, + request: Optional[Union[service.GetPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetPolicy][]. + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + to retrieve, in the format ``projects/*/policy``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetPolicyRequest): + request = service.GetPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_policy(self, + request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, + *, + policy: Optional[resources.Policy] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdatePolicy][]. + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + + This corresponds to the ``policy`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([policy]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdatePolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdatePolicyRequest): + request = service.UpdatePolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if policy is not None: + request.policy = policy + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("policy.name", request.policy.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def create_attestor(self, + request: Optional[Union[service.CreateAttestorRequest, dict]] = None, + *, + parent: Optional[str] = None, + attestor_id: Optional[str] = None, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.CreateAttestor][]. + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + + This corresponds to the ``attestor_id`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent, attestor_id, attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.CreateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.CreateAttestorRequest): + request = service.CreateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + if attestor_id is not None: + request.attestor_id = attestor_id + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.create_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def get_attestor(self, + request: Optional[Union[service.GetAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.GetAttestor][]. + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetAttestorRequest): + request = service.GetAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def update_attestor(self, + request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, + *, + attestor: Optional[resources.Attestor] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Attestor: + r"""Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.UpdateAttestor][]. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + + This corresponds to the ``attestor`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Attestor: + An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image + artifacts. An existing attestor cannot be modified + except where indicated. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([attestor]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.UpdateAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.UpdateAttestorRequest): + request = service.UpdateAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if attestor is not None: + request.attestor = attestor + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.update_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("attestor.name", request.attestor.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def list_attestors(self, + request: Optional[Union[service.ListAttestorsRequest, dict]] = None, + *, + parent: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> pagers.ListAttestorsPager: + r"""Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): + The request object. Request message for + [BinauthzManagementService.ListAttestors][]. + parent (str): + Required. The resource name of the project associated + with the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + + This corresponds to the ``parent`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: + Response message for + [BinauthzManagementService.ListAttestors][]. + + Iterating over this object will yield results and + resolve additional pages automatically. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([parent]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.ListAttestorsRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.ListAttestorsRequest): + request = service.ListAttestorsRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if parent is not None: + request.parent = parent + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.list_attestors] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("parent", request.parent), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # This method is paged; wrap the response in a pager, which provides + # an `__iter__` convenience method. + response = pagers.ListAttestorsPager( + method=rpc, + request=request, + response=response, + metadata=metadata, + ) + + # Done; return the response. + return response + + def delete_attestor(self, + request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> None: + r"""Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): + The request object. Request message for + [BinauthzManagementService.DeleteAttestor][]. + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.DeleteAttestorRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.DeleteAttestorRequest): + request = service.DeleteAttestorRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.delete_attestor] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "BinauthzManagementServiceV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py new file mode 100644 index 0000000..3d12ffa --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py @@ -0,0 +1,140 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + + +class ListAttestorsPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__iter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__iter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., service.ListAttestorsResponse], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiate the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + def pages(self) -> Iterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = self._method(self._request, metadata=self._metadata) + yield self._response + + def __iter__(self) -> Iterator[resources.Attestor]: + for page in self.pages: + yield from page.attestors + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) + + +class ListAttestorsAsyncPager: + """A pager for iterating through ``list_attestors`` requests. + + This class thinly wraps an initial + :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and + provides an ``__aiter__`` method to iterate through its + ``attestors`` field. + + If there are more pages, the ``__aiter__`` method will make additional + ``ListAttestors`` requests and continue to iterate + through the ``attestors`` field on the + corresponding responses. + + All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` + attributes are available on the pager. If multiple requests are made, only + the most recent response is retained, and thus used for attribute lookup. + """ + def __init__(self, + method: Callable[..., Awaitable[service.ListAttestorsResponse]], + request: service.ListAttestorsRequest, + response: service.ListAttestorsResponse, + *, + metadata: Sequence[Tuple[str, str]] = ()): + """Instantiates the pager. + + Args: + method (Callable): The method that was originally called, and + which instantiated this pager. + request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): + The initial request object. + response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): + The initial response object. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + """ + self._method = method + self._request = service.ListAttestorsRequest(request) + self._response = response + self._metadata = metadata + + def __getattr__(self, name: str) -> Any: + return getattr(self._response, name) + + @property + async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: + yield self._response + while self._response.next_page_token: + self._request.page_token = self._response.next_page_token + self._response = await self._method(self._request, metadata=self._metadata) + yield self._response + def __aiter__(self) -> AsyncIterator[resources.Attestor]: + async def async_generator(): + async for page in self.pages: + for response in page.attestors: + yield response + + return async_generator() + + def __repr__(self) -> str: + return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..207eade --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import BinauthzManagementServiceV1Beta1Transport +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport +from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] +_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', + 'BinauthzManagementServiceV1Beta1GrpcTransport', + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py new file mode 100644 index 0000000..f623a9e --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py @@ -0,0 +1,282 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class BinauthzManagementServiceV1Beta1Transport(abc.ABC): + """Abstract transport class for BinauthzManagementServiceV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_policy: gapic_v1.method.wrap_method( + self.get_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_policy: gapic_v1.method.wrap_method( + self.update_policy, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.create_attestor: gapic_v1.method.wrap_method( + self.create_attestor, + default_timeout=600.0, + client_info=client_info, + ), + self.get_attestor: gapic_v1.method.wrap_method( + self.get_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.update_attestor: gapic_v1.method.wrap_method( + self.update_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.list_attestors: gapic_v1.method.wrap_method( + self.list_attestors, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + self.delete_attestor: gapic_v1.method.wrap_method( + self.delete_attestor, + default_retry=retries.Retry( +initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( + core_exceptions.DeadlineExceeded, + core_exceptions.ServiceUnavailable, + ), + deadline=600.0, + ), + default_timeout=600.0, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Union[ + resources.Attestor, + Awaitable[resources.Attestor] + ]]: + raise NotImplementedError() + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Union[ + service.ListAttestorsResponse, + Awaitable[service.ListAttestorsResponse] + ]]: + raise NotImplementedError() + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Union[ + empty_pb2.Empty, + Awaitable[empty_pb2.Empty] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..1ecdd2f --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py @@ -0,0 +1,469 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + resources.Policy]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + resources.Policy]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + resources.Attestor]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + resources.Attestor]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + ~.Attestor]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + service.ListAttestorsResponse]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + ~.ListAttestorsResponse]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + empty_pb2.Empty]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + ~.Empty]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..05bf0a4 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,468 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import empty_pb2 # type: ignore +from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport + + +class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): + """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. + + Google Cloud Management Service for Binary Authorization admission + policies and attestation authorities. + + This API implements a REST model with the following objects: + + - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] + - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_policy(self) -> Callable[ + [service.GetPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get policy method over gRPC. + + A [policy][google.cloud.binaryauthorization.v1beta1.Policy] + specifies the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + that must attest to a container image, before the project is + allowed to deploy that image. There is at most one policy per + project. All image admission requests are permitted if a project + has no policy. + + Gets the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + this project. Returns a default + [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the + project does not have one. + + Returns: + Callable[[~.GetPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_policy' not in self._stubs: + self._stubs['get_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', + request_serializer=service.GetPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_policy'] + + @property + def update_policy(self) -> Callable[ + [service.UpdatePolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the update policy method over gRPC. + + Creates or updates a project's + [policy][google.cloud.binaryauthorization.v1beta1.Policy], and + returns a copy of the new + [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A + policy is always updated as a whole, to avoid race conditions + with concurrent policy enforcement (or management!) requests. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed. + + Returns: + Callable[[~.UpdatePolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_policy' not in self._stubs: + self._stubs['update_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', + request_serializer=service.UpdatePolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['update_policy'] + + @property + def create_attestor(self) -> Callable[ + [service.CreateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the create attestor method over gRPC. + + Creates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], + and returns a copy of the new + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the project does not exist, + INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if + the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + already exists. + + Returns: + Callable[[~.CreateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'create_attestor' not in self._stubs: + self._stubs['create_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', + request_serializer=service.CreateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['create_attestor'] + + @property + def get_attestor(self) -> Callable[ + [service.GetAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the get attestor method over gRPC. + + Gets an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.GetAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_attestor' not in self._stubs: + self._stubs['get_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', + request_serializer=service.GetAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['get_attestor'] + + @property + def update_attestor(self) -> Callable[ + [service.UpdateAttestorRequest], + Awaitable[resources.Attestor]]: + r"""Return a callable for the update attestor method over gRPC. + + Updates an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.UpdateAttestorRequest], + Awaitable[~.Attestor]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'update_attestor' not in self._stubs: + self._stubs['update_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', + request_serializer=service.UpdateAttestorRequest.serialize, + response_deserializer=resources.Attestor.deserialize, + ) + return self._stubs['update_attestor'] + + @property + def list_attestors(self) -> Callable[ + [service.ListAttestorsRequest], + Awaitable[service.ListAttestorsResponse]]: + r"""Return a callable for the list attestors method over gRPC. + + Lists + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns INVALID_ARGUMENT if the project does not exist. + + Returns: + Callable[[~.ListAttestorsRequest], + Awaitable[~.ListAttestorsResponse]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'list_attestors' not in self._stubs: + self._stubs['list_attestors'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', + request_serializer=service.ListAttestorsRequest.serialize, + response_deserializer=service.ListAttestorsResponse.deserialize, + ) + return self._stubs['list_attestors'] + + @property + def delete_attestor(self) -> Callable[ + [service.DeleteAttestorRequest], + Awaitable[empty_pb2.Empty]]: + r"""Return a callable for the delete attestor method over gRPC. + + Deletes an + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + Returns NOT_FOUND if the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + does not exist. + + Returns: + Callable[[~.DeleteAttestorRequest], + Awaitable[~.Empty]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'delete_attestor' not in self._stubs: + self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', + request_serializer=service.DeleteAttestorRequest.serialize, + response_deserializer=empty_pb2.Empty.FromString, + ) + return self._stubs['delete_attestor'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py new file mode 100644 index 0000000..3fc064c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .client import SystemPolicyV1Beta1Client +from .async_client import SystemPolicyV1Beta1AsyncClient + +__all__ = ( + 'SystemPolicyV1Beta1Client', + 'SystemPolicyV1Beta1AsyncClient', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py new file mode 100644 index 0000000..5f60e3c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py @@ -0,0 +1,309 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import functools +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union +import pkg_resources + +from google.api_core.client_options import ClientOptions +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport +from .client import SystemPolicyV1Beta1Client + + +class SystemPolicyV1Beta1AsyncClient: + """API for working with the system policy.""" + + _client: SystemPolicyV1Beta1Client + + DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT + DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT + + policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) + parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) + common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) + parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) + common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) + parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) + common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) + parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) + common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) + parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) + common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) + parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1AsyncClient: The constructed client. + """ + return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore + + from_service_account_json = from_service_account_file + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client instance. + """ + return self._client.transport + + get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", + client_options: Optional[ClientOptions] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (ClientOptions): Custom options for the client. It + won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + """ + self._client = SystemPolicyV1Beta1Client( + credentials=credentials, + transport=transport, + client_options=client_options, + client_info=client_info, + + ) + + async def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]]): + The request object. Request to read the current system + policy. + name (:class:`str`): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError("If the `request` argument is set, then none of " + "the individual field arguments should be set.") + + request = service.GetSystemPolicyRequest(request) + + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = gapic_v1.method_async.wrap_method( + self._client._transport.get_system_policy, + default_timeout=None, + client_info=DEFAULT_CLIENT_INFO, + ) + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = await rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc, tb): + await self.transport.close() + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1AsyncClient", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py new file mode 100644 index 0000000..73d2151 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -0,0 +1,510 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +import os +import re +from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast +import pkg_resources + +from google.api_core import client_options as client_options_lib +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport import mtls # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore +from google.oauth2 import service_account # type: ignore + +try: + OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] +except AttributeError: # pragma: NO COVER + OptionalRetry = Union[retries.Retry, object] # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.protobuf import timestamp_pb2 # type: ignore +from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .transports.grpc import SystemPolicyV1Beta1GrpcTransport +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +class SystemPolicyV1Beta1ClientMeta(type): + """Metaclass for the SystemPolicyV1Beta1 client. + + This provides class-level methods for building and retrieving + support objects (e.g. transport) without polluting the client instance + objects. + """ + _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] + _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport + _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport + + def get_transport_class(cls, + label: Optional[str] = None, + ) -> Type[SystemPolicyV1Beta1Transport]: + """Returns an appropriate transport class. + + Args: + label: The name of the desired transport. If none is + provided, then the first transport in the registry is used. + + Returns: + The transport class to use. + """ + # If a specific transport is requested, return that one. + if label: + return cls._transport_registry[label] + + # No transport is requested; return the default (that is, the first one + # in the dictionary). + return next(iter(cls._transport_registry.values())) + + +class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): + """API for working with the system policy.""" + + @staticmethod + def _get_default_mtls_endpoint(api_endpoint): + """Converts api endpoint to mTLS endpoint. + + Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to + "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. + Args: + api_endpoint (Optional[str]): the api endpoint to convert. + Returns: + str: converted mTLS api endpoint. + """ + if not api_endpoint: + return api_endpoint + + mtls_endpoint_re = re.compile( + r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" + ) + + m = mtls_endpoint_re.match(api_endpoint) + name, mtls, sandbox, googledomain = m.groups() + if mtls or not googledomain: + return api_endpoint + + if sandbox: + return api_endpoint.replace( + "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" + ) + + return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") + + DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" + DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore + DEFAULT_ENDPOINT + ) + + @classmethod + def from_service_account_info(cls, info: dict, *args, **kwargs): + """Creates an instance of this client using the provided credentials + info. + + Args: + info (dict): The service account private key info. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_info(info) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + @classmethod + def from_service_account_file(cls, filename: str, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SystemPolicyV1Beta1Client: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file( + filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @property + def transport(self) -> SystemPolicyV1Beta1Transport: + """Returns the transport used by the client instance. + + Returns: + SystemPolicyV1Beta1Transport: The transport used by the client + instance. + """ + return self._transport + + @staticmethod + def policy_path(project: str,) -> str: + """Returns a fully-qualified policy string.""" + return "projects/{project}/policy".format(project=project, ) + + @staticmethod + def parse_policy_path(path: str) -> Dict[str,str]: + """Parses a policy path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/policy$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_billing_account_path(billing_account: str, ) -> str: + """Returns a fully-qualified billing_account string.""" + return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + + @staticmethod + def parse_common_billing_account_path(path: str) -> Dict[str,str]: + """Parse a billing_account path into its component segments.""" + m = re.match(r"^billingAccounts/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_folder_path(folder: str, ) -> str: + """Returns a fully-qualified folder string.""" + return "folders/{folder}".format(folder=folder, ) + + @staticmethod + def parse_common_folder_path(path: str) -> Dict[str,str]: + """Parse a folder path into its component segments.""" + m = re.match(r"^folders/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_organization_path(organization: str, ) -> str: + """Returns a fully-qualified organization string.""" + return "organizations/{organization}".format(organization=organization, ) + + @staticmethod + def parse_common_organization_path(path: str) -> Dict[str,str]: + """Parse a organization path into its component segments.""" + m = re.match(r"^organizations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_project_path(project: str, ) -> str: + """Returns a fully-qualified project string.""" + return "projects/{project}".format(project=project, ) + + @staticmethod + def parse_common_project_path(path: str) -> Dict[str,str]: + """Parse a project path into its component segments.""" + m = re.match(r"^projects/(?P.+?)$", path) + return m.groupdict() if m else {} + + @staticmethod + def common_location_path(project: str, location: str, ) -> str: + """Returns a fully-qualified location string.""" + return "projects/{project}/locations/{location}".format(project=project, location=location, ) + + @staticmethod + def parse_common_location_path(path: str) -> Dict[str,str]: + """Parse a location path into its component segments.""" + m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) + return m.groupdict() if m else {} + + @classmethod + def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): + """Return the API endpoint and client cert source for mutual TLS. + + The client cert source is determined in the following order: + (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the + client cert source is None. + (2) if `client_options.client_cert_source` is provided, use the provided one; if the + default client cert source exists, use the default one; otherwise the client cert + source is None. + + The API endpoint is determined in the following order: + (1) if `client_options.api_endpoint` if provided, use the provided one. + (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the + default mTLS endpoint; if the environment variabel is "never", use the default API + endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise + use the default API endpoint. + + More details can be found at https://google.aip.dev/auth/4114. + + Args: + client_options (google.api_core.client_options.ClientOptions): Custom options for the + client. Only the `api_endpoint` and `client_cert_source` properties may be used + in this method. + + Returns: + Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the + client cert source to use. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If any errors happen. + """ + if client_options is None: + client_options = client_options_lib.ClientOptions() + use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") + use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") + if use_client_cert not in ("true", "false"): + raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") + if use_mtls_endpoint not in ("auto", "never", "always"): + raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") + + # Figure out the client cert source to use. + client_cert_source = None + if use_client_cert == "true": + if client_options.client_cert_source: + client_cert_source = client_options.client_cert_source + elif mtls.has_default_client_cert_source(): + client_cert_source = mtls.default_client_cert_source() + + # Figure out which api endpoint to use. + if client_options.api_endpoint is not None: + api_endpoint = client_options.api_endpoint + elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): + api_endpoint = cls.DEFAULT_MTLS_ENDPOINT + else: + api_endpoint = cls.DEFAULT_ENDPOINT + + return api_endpoint, client_cert_source + + def __init__(self, *, + credentials: Optional[ga_credentials.Credentials] = None, + transport: Optional[Union[str, SystemPolicyV1Beta1Transport]] = None, + client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + ) -> None: + """Instantiates the system policy v1 beta1 client. + + Args: + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + transport (Union[str, SystemPolicyV1Beta1Transport]): The + transport to use. If set to None, a transport is chosen + automatically. + client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the + client. It won't take effect if a ``transport`` instance is provided. + (1) The ``api_endpoint`` property can be used to override the + default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT + environment variable can also be used to override the endpoint: + "always" (always use the default mTLS endpoint), "never" (always + use the default regular endpoint) and "auto" (auto switch to the + default mTLS endpoint if client certificate is present, this is + the default value). However, the ``api_endpoint`` property takes + precedence if provided. + (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable + is "true", then the ``client_cert_source`` property can be used + to provide client certificate for mutual TLS transport. If + not provided, the default SSL client certificate will be used if + present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not + set, no client certificate will be used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + """ + if isinstance(client_options, dict): + client_options = client_options_lib.from_dict(client_options) + if client_options is None: + client_options = client_options_lib.ClientOptions() + client_options = cast(client_options_lib.ClientOptions, client_options) + + api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) + + api_key_value = getattr(client_options, "api_key", None) + if api_key_value and credentials: + raise ValueError("client_options.api_key and credentials are mutually exclusive") + + # Save or instantiate the transport. + # Ordinarily, we provide the transport, but allowing a custom transport + # instance provides an extensibility point for unusual situations. + if isinstance(transport, SystemPolicyV1Beta1Transport): + # transport is a SystemPolicyV1Beta1Transport instance. + if credentials or client_options.credentials_file or api_key_value: + raise ValueError("When providing a transport instance, " + "provide its credentials directly.") + if client_options.scopes: + raise ValueError( + "When providing a transport instance, provide its scopes " + "directly." + ) + self._transport = transport + else: + import google.auth._default # type: ignore + + if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): + credentials = google.auth._default.get_api_key_credentials(api_key_value) + + Transport = type(self).get_transport_class(transport) + self._transport = Transport( + credentials=credentials, + credentials_file=client_options.credentials_file, + host=api_endpoint, + scopes=client_options.scopes, + client_cert_source_for_mtls=client_cert_source_func, + quota_project_id=client_options.quota_project_id, + client_info=client_info, + always_use_jwt_access=True, + api_audience=client_options.api_audience, + ) + + def get_system_policy(self, + request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, + *, + name: Optional[str] = None, + retry: OptionalRetry = gapic_v1.method.DEFAULT, + timeout: Optional[float] = None, + metadata: Sequence[Tuple[str, str]] = (), + ) -> resources.Policy: + r"""Gets the current system policy in the specified + location. + + .. code-block:: python + + # This snippet has been automatically generated and should be regarded as a + # code template only. + # It will require modifications to work: + # - It may require correct/in-range values for request initialization. + # - It may require specifying regional endpoints when creating the service + # client as shown in: + # https://googleapis.dev/python/google-api-core/latest/client_options.html + from google.cloud import binaryauthorization_v1beta1 + + def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + + Args: + request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): + The request object. Request to read the current system + policy. + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is + not associated with a project. + + This corresponds to the ``name`` field + on the ``request`` instance; if ``request`` is provided, this + should not be set. + retry (google.api_core.retry.Retry): Designation of what errors, if any, + should be retried. + timeout (float): The timeout for this request. + metadata (Sequence[Tuple[str, str]]): Strings which should be + sent along with the request as metadata. + + Returns: + google.cloud.binaryauthorization_v1beta1.types.Policy: + A + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + for Binary Authorization. + + """ + # Create or coerce a protobuf request object. + # Quick check: If we got a request object, we should *not* have + # gotten any keyword arguments that map to the request. + has_flattened_params = any([name]) + if request is not None and has_flattened_params: + raise ValueError('If the `request` argument is set, then none of ' + 'the individual field arguments should be set.') + + # Minor optimization to avoid making a copy if the user passes + # in a service.GetSystemPolicyRequest. + # There's no risk of modifying the input as we've already verified + # there are no flattened fields. + if not isinstance(request, service.GetSystemPolicyRequest): + request = service.GetSystemPolicyRequest(request) + # If we have keyword arguments corresponding to fields on the + # request, apply these. + if name is not None: + request.name = name + + # Wrap the RPC method; this adds retry and timeout information, + # and friendly error handling. + rpc = self._transport._wrapped_methods[self._transport.get_system_policy] + + # Certain fields should be provided within the metadata header; + # add these here. + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ("name", request.name), + )), + ) + + # Send the request. + response = rpc( + request, + retry=retry, + timeout=timeout, + metadata=metadata, + ) + + # Done; return the response. + return response + + def __enter__(self): + return self + + def __exit__(self, type, value, traceback): + """Releases underlying transport's resources. + + .. warning:: + ONLY use as a context manager if the transport is NOT shared + with other clients! Exiting the with block will CLOSE the transport + and may cause errors in other clients! + """ + self.transport.close() + + + + + + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + "google-cloud-binaryauthorization", + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +__all__ = ( + "SystemPolicyV1Beta1Client", +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py new file mode 100644 index 0000000..2afe7f8 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from collections import OrderedDict +from typing import Dict, Type + +from .base import SystemPolicyV1Beta1Transport +from .grpc import SystemPolicyV1Beta1GrpcTransport +from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + + +# Compile a registry of transports. +_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] +_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport +_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport + +__all__ = ( + 'SystemPolicyV1Beta1Transport', + 'SystemPolicyV1Beta1GrpcTransport', + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py new file mode 100644 index 0000000..7332bfe --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py @@ -0,0 +1,155 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import abc +from typing import Awaitable, Callable, Dict, Optional, Sequence, Union +import pkg_resources + +import google.auth # type: ignore +import google.api_core +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import retry as retries +from google.auth import credentials as ga_credentials # type: ignore +from google.oauth2 import service_account # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service + +try: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( + gapic_version=pkg_resources.get_distribution( + 'google-cloud-binaryauthorization', + ).version, + ) +except pkg_resources.DistributionNotFound: + DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() + + +class SystemPolicyV1Beta1Transport(abc.ABC): + """Abstract transport class for SystemPolicyV1Beta1.""" + + AUTH_SCOPES = ( + 'https://www.googleapis.com/auth/cloud-platform', + ) + + DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' + def __init__( + self, *, + host: str = DEFAULT_HOST, + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + **kwargs, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A list of scopes. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + """ + + scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} + + # Save the scopes. + self._scopes = scopes + + # If no credentials are provided, then determine the appropriate + # defaults. + if credentials and credentials_file: + raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") + + if credentials_file is not None: + credentials, _ = google.auth.load_credentials_from_file( + credentials_file, + **scopes_kwargs, + quota_project_id=quota_project_id + ) + elif credentials is None: + credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) + # Don't apply audience if the credentials file passed from user. + if hasattr(credentials, "with_gdch_audience"): + credentials = credentials.with_gdch_audience(api_audience if api_audience else host) + + # If the credentials are service account credentials, then always try to use self signed JWT. + if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): + credentials = credentials.with_always_use_jwt_access(True) + + # Save the credentials. + self._credentials = credentials + + # Save the hostname. Default to port 443 (HTTPS) if none is specified. + if ':' not in host: + host += ':443' + self._host = host + + def _prep_wrapped_messages(self, client_info): + # Precompute the wrapped methods. + self._wrapped_methods = { + self.get_system_policy: gapic_v1.method.wrap_method( + self.get_system_policy, + default_timeout=None, + client_info=client_info, + ), + } + + def close(self): + """Closes resources associated with the transport. + + .. warning:: + Only call this method if the transport is NOT shared + with other clients - this may cause errors in other clients! + """ + raise NotImplementedError() + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Union[ + resources.Policy, + Awaitable[resources.Policy] + ]]: + raise NotImplementedError() + + @property + def kind(self) -> str: + raise NotImplementedError() + + +__all__ = ( + 'SystemPolicyV1Beta1Transport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py new file mode 100644 index 0000000..bbe28c5 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py @@ -0,0 +1,266 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import grpc_helpers +from google.api_core import gapic_v1 +import google.auth # type: ignore +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO + + +class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): + """gRPC backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + _stubs: Dict[str, Callable] + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[grpc.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional(Sequence[str])): A list of scopes. This argument is + ignored if ``channel`` is provided. + channel (Optional[grpc.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> grpc.Channel: + """Create and return a gRPC channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is mutually exclusive with credentials. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + grpc.Channel: A gRPC channel object. + + Raises: + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + + return grpc_helpers.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + @property + def grpc_channel(self) -> grpc.Channel: + """Return the channel designed to connect to this service. + """ + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + resources.Policy]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + ~.Policy]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + self.grpc_channel.close() + + @property + def kind(self) -> str: + return "grpc" + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py new file mode 100644 index 0000000..21bdee3 --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py @@ -0,0 +1,265 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import warnings +from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union + +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers_async +from google.auth import credentials as ga_credentials # type: ignore +from google.auth.transport.grpc import SslCredentials # type: ignore + +import grpc # type: ignore +from grpc.experimental import aio # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from .grpc import SystemPolicyV1Beta1GrpcTransport + + +class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): + """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. + + API for working with the system policy. + + This class defines the same methods as the primary client, so the + primary client can load the underlying transport implementation + and call it. + + It sends protocol buffers over the wire using gRPC (which is built on + top of HTTP/2); the ``grpcio`` package must be installed. + """ + + _grpc_channel: aio.Channel + _stubs: Dict[str, Callable] = {} + + @classmethod + def create_channel(cls, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + **kwargs) -> aio.Channel: + """Create and return a gRPC AsyncIO channel object. + Args: + host (Optional[str]): The host for the channel to use. + credentials (Optional[~.Credentials]): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + kwargs (Optional[dict]): Keyword arguments, which are passed to the + channel creation. + Returns: + aio.Channel: A gRPC AsyncIO channel object. + """ + + return grpc_helpers_async.create_channel( + host, + credentials=credentials, + credentials_file=credentials_file, + quota_project_id=quota_project_id, + default_scopes=cls.AUTH_SCOPES, + scopes=scopes, + default_host=cls.DEFAULT_HOST, + **kwargs + ) + + def __init__(self, *, + host: str = 'binaryauthorization.googleapis.com', + credentials: Optional[ga_credentials.Credentials] = None, + credentials_file: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + channel: Optional[aio.Channel] = None, + api_mtls_endpoint: Optional[str] = None, + client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, + client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, + quota_project_id: Optional[str] = None, + client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, + always_use_jwt_access: Optional[bool] = False, + api_audience: Optional[str] = None, + ) -> None: + """Instantiate the transport. + + Args: + host (Optional[str]): + The hostname to connect to. + credentials (Optional[google.auth.credentials.Credentials]): The + authorization credentials to attach to requests. These + credentials identify the application to the service; if none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is ignored if ``channel`` is provided. + credentials_file (Optional[str]): A file with credentials that can + be loaded with :func:`google.auth.load_credentials_from_file`. + This argument is ignored if ``channel`` is provided. + scopes (Optional[Sequence[str]]): A optional list of scopes needed for this + service. These are only used when credentials are not specified and + are passed to :func:`google.auth.default`. + channel (Optional[aio.Channel]): A ``Channel`` instance through + which to make calls. + api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. + If provided, it overrides the ``host`` argument and tries to create + a mutual TLS channel with client SSL credentials from + ``client_cert_source`` or application default SSL credentials. + client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): + Deprecated. A callback to provide client SSL certificate bytes and + private key bytes, both in PEM format. It is ignored if + ``api_mtls_endpoint`` is None. + ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials + for the grpc channel. It is ignored if ``channel`` is provided. + client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): + A callback to provide client certificate bytes and private key bytes, + both in PEM format. It is used to configure a mutual TLS channel. It is + ignored if ``channel`` or ``ssl_channel_credentials`` is provided. + quota_project_id (Optional[str]): An optional project to use for billing + and quota. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + always_use_jwt_access (Optional[bool]): Whether self signed JWT should + be used for service account credentials. + + Raises: + google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport + creation failed for any reason. + google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` + and ``credentials_file`` are passed. + """ + self._grpc_channel = None + self._ssl_channel_credentials = ssl_channel_credentials + self._stubs: Dict[str, Callable] = {} + + if api_mtls_endpoint: + warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) + if client_cert_source: + warnings.warn("client_cert_source is deprecated", DeprecationWarning) + + if channel: + # Ignore credentials if a channel was passed. + credentials = False + # If a channel was explicitly provided, set it. + self._grpc_channel = channel + self._ssl_channel_credentials = None + else: + if api_mtls_endpoint: + host = api_mtls_endpoint + + # Create SSL credentials with client_cert_source or application + # default SSL credentials. + if client_cert_source: + cert, key = client_cert_source() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + else: + self._ssl_channel_credentials = SslCredentials().ssl_credentials + + else: + if client_cert_source_for_mtls and not ssl_channel_credentials: + cert, key = client_cert_source_for_mtls() + self._ssl_channel_credentials = grpc.ssl_channel_credentials( + certificate_chain=cert, private_key=key + ) + + # The base transport sets the host, credentials and scopes + super().__init__( + host=host, + credentials=credentials, + credentials_file=credentials_file, + scopes=scopes, + quota_project_id=quota_project_id, + client_info=client_info, + always_use_jwt_access=always_use_jwt_access, + api_audience=api_audience, + ) + + if not self._grpc_channel: + self._grpc_channel = type(self).create_channel( + self._host, + # use the credentials which are saved + credentials=self._credentials, + # Set ``credentials_file`` to ``None`` here as + # the credentials that we saved earlier should be used. + credentials_file=None, + scopes=self._scopes, + ssl_credentials=self._ssl_channel_credentials, + quota_project_id=quota_project_id, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Wrap messages. This must be done after self._grpc_channel exists + self._prep_wrapped_messages(client_info) + + @property + def grpc_channel(self) -> aio.Channel: + """Create the channel designed to connect to this service. + + This property caches on the instance; repeated calls return + the same channel. + """ + # Return the channel from cache. + return self._grpc_channel + + @property + def get_system_policy(self) -> Callable[ + [service.GetSystemPolicyRequest], + Awaitable[resources.Policy]]: + r"""Return a callable for the get system policy method over gRPC. + + Gets the current system policy in the specified + location. + + Returns: + Callable[[~.GetSystemPolicyRequest], + Awaitable[~.Policy]]: + A function that, when called, will call the underlying RPC + on the server. + """ + # Generate a "stub function" on-the-fly which will actually make + # the request. + # gRPC handles serialization and deserialization, so we just need + # to pass in the functions for each. + if 'get_system_policy' not in self._stubs: + self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( + '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', + request_serializer=service.GetSystemPolicyRequest.serialize, + response_deserializer=resources.Policy.deserialize, + ) + return self._stubs['get_system_policy'] + + def close(self): + return self.grpc_channel.close() + + +__all__ = ( + 'SystemPolicyV1Beta1GrpcAsyncIOTransport', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py new file mode 100644 index 0000000..289c81c --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from .continuous_validation_logging import ( + ContinuousValidationEvent, +) +from .resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedDrydockNote, +) +from .service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, +) + +__all__ = ( + 'ContinuousValidationEvent', + 'AdmissionRule', + 'AdmissionWhitelistPattern', + 'Attestor', + 'AttestorPublicKey', + 'PkixPublicKey', + 'Policy', + 'UserOwnedDrydockNote', + 'CreateAttestorRequest', + 'DeleteAttestorRequest', + 'GetAttestorRequest', + 'GetPolicyRequest', + 'GetSystemPolicyRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'UpdateAttestorRequest', + 'UpdatePolicyRequest', +) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py new file mode 100644 index 0000000..85c30dd --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -0,0 +1,163 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'ContinuousValidationEvent', + }, +) + + +class ContinuousValidationEvent(proto.Message): + r"""Represents an auditing event from Continuous Validation. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): + Pod event. + + This field is a member of `oneof`_ ``event_type``. + unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): + Unsupported policy event. + + This field is a member of `oneof`_ ``event_type``. + """ + + class ContinuousValidationPodEvent(proto.Message): + r"""An auditing event for one Pod. + + Attributes: + pod_namespace (str): + The k8s namespace of the Pod. + pod (str): + The name of the Pod. + deploy_time (google.protobuf.timestamp_pb2.Timestamp): + Deploy time of the Pod from k8s. + end_time (google.protobuf.timestamp_pb2.Timestamp): + Termination time of the Pod from k8s, or + nothing if still running. + verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): + Auditing verdict for this Pod. + images (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): + List of images with auditing details. + """ + class PolicyConformanceVerdict(proto.Enum): + r"""Audit time policy conformance verdict.""" + POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 + VIOLATES_POLICY = 1 + + class ImageDetails(proto.Message): + r"""Container image with auditing details. + + Attributes: + image (str): + The name of the image. + result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): + The result of the audit for this image. + description (str): + Description of the above result. + """ + class AuditResult(proto.Enum): + r"""Result of the audit.""" + AUDIT_RESULT_UNSPECIFIED = 0 + ALLOW = 1 + DENY = 2 + + image: str = proto.Field( + proto.STRING, + number=1, + ) + result: 'ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult' = proto.Field( + proto.ENUM, + number=2, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', + ) + description: str = proto.Field( + proto.STRING, + number=3, + ) + + pod_namespace: str = proto.Field( + proto.STRING, + number=7, + ) + pod: str = proto.Field( + proto.STRING, + number=1, + ) + deploy_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=2, + message=timestamp_pb2.Timestamp, + ) + end_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=3, + message=timestamp_pb2.Timestamp, + ) + verdict: 'ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict' = proto.Field( + proto.ENUM, + number=4, + enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', + ) + images: MutableSequence['ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails'] = proto.RepeatedField( + proto.MESSAGE, + number=5, + message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', + ) + + class UnsupportedPolicyEvent(proto.Message): + r"""An event describing that the project policy is unsupported by + CV. + + Attributes: + description (str): + A description of the unsupported policy. + """ + + description: str = proto.Field( + proto.STRING, + number=1, + ) + + pod_event: ContinuousValidationPodEvent = proto.Field( + proto.MESSAGE, + number=1, + oneof='event_type', + message=ContinuousValidationPodEvent, + ) + unsupported_policy_event: UnsupportedPolicyEvent = proto.Field( + proto.MESSAGE, + number=2, + oneof='event_type', + message=UnsupportedPolicyEvent, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py new file mode 100644 index 0000000..8884bab --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -0,0 +1,463 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.protobuf import timestamp_pb2 # type: ignore + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'Policy', + 'AdmissionWhitelistPattern', + 'AdmissionRule', + 'Attestor', + 'UserOwnedDrydockNote', + 'PkixPublicKey', + 'AttestorPublicKey', + }, +) + + +class Policy(proto.Message): + r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for + Binary Authorization. + + Attributes: + name (str): + Output only. The resource name, in the format + ``projects/*/policy``. There is at most one policy per + project. + description (str): + Optional. A descriptive comment. + global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): + Optional. Controls the evaluation of a + Google-maintained global admission policy for + common system-level images. Images not covered + by the global policy will be subject to the + project admission policy. This setting has no + effect when specified inside a global admission + policy. + admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): + Optional. Admission policy allowlisting. A + matching admission request will always be + permitted. This feature is typically used to + exclude Google or third-party infrastructure + images from Binary Authorization policies. + cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-cluster admission rules. Cluster spec format: + ``location.clusterId``. There can be at most one admission + rule per cluster spec. A ``location`` is either a compute + zone (e.g. us-central1-a) or a region (e.g. us-central1). + For ``clusterId`` syntax restrictions see + https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. + kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-namespace admission rules. K8s + namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` + kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-kubernetes-service-account admission rules. + Service account spec format: ``namespace:serviceaccount``. + e.g. ``test-ns:default`` + istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): + Optional. Per-istio-service-identity admission rules. Istio + service identity spec format: + ``spiffe:///ns//sa/`` or + ``/ns//sa/`` e.g. + ``spiffe://example.com/ns/test-ns/sa/default`` + default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): + Required. Default admission rule for a + cluster without a per-cluster, per- + kubernetes-service-account, or + per-istio-service-identity admission rule. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the policy was last + updated. + """ + class GlobalPolicyEvaluationMode(proto.Enum): + r"""""" + GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 + ENABLE = 1 + DISABLE = 2 + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( + proto.ENUM, + number=7, + enum=GlobalPolicyEvaluationMode, + ) + admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AdmissionWhitelistPattern', + ) + cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=3, + message='AdmissionRule', + ) + kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=10, + message='AdmissionRule', + ) + kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=8, + message='AdmissionRule', + ) + istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( + proto.STRING, + proto.MESSAGE, + number=9, + message='AdmissionRule', + ) + default_admission_rule: 'AdmissionRule' = proto.Field( + proto.MESSAGE, + number=4, + message='AdmissionRule', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=5, + message=timestamp_pb2.Timestamp, + ) + + +class AdmissionWhitelistPattern(proto.Message): + r"""An [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + exempts images from checks by [admission + rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. + + Attributes: + name_pattern (str): + An image name pattern to allowlist, in the form + ``registry/path/to/image``. This supports a trailing ``*`` + as a wildcard, but this is allowed only in text after the + ``registry/`` part. ``*`` wildcard does not match ``/``, + i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but + it does not match ``gcr.io/nginx/image``. This also supports + a trailing ``**`` wildcard which matches subdirectories, + i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. + """ + + name_pattern: str = proto.Field( + proto.STRING, + number=1, + ) + + +class AdmissionRule(proto.Message): + r"""An [admission + rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] + specifies either that all container images used in a pod creation + request must be attested to by one or more + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that + all pod creations will be allowed, or that all pod creations will be + denied. + + Images matching an [admission allowlist + pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] + are exempted from admission rules and will never block a pod + creation. + + Attributes: + evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): + Required. How this admission rule will be + evaluated. + require_attestations_by (MutableSequence[str]): + Optional. The resource names of the attestors that must + attest to a container image, in the format + ``projects/*/attestors/*``. Each attestor must exist before + a policy can reference it. To add an attestor to a policy + the principal issuing the policy change request must be able + to read the attestor resource. + + Note: this field must be non-empty when the evaluation_mode + field specifies REQUIRE_ATTESTATION, otherwise it must be + empty. + enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): + Required. The action when a pod creation is + denied by the admission rule. + """ + class EvaluationMode(proto.Enum): + r"""""" + EVALUATION_MODE_UNSPECIFIED = 0 + ALWAYS_ALLOW = 1 + REQUIRE_ATTESTATION = 2 + ALWAYS_DENY = 3 + + class EnforcementMode(proto.Enum): + r"""Defines the possible actions when a pod creation is denied by + an admission rule. + """ + ENFORCEMENT_MODE_UNSPECIFIED = 0 + ENFORCED_BLOCK_AND_AUDIT_LOG = 1 + DRYRUN_AUDIT_LOG_ONLY = 2 + + evaluation_mode: EvaluationMode = proto.Field( + proto.ENUM, + number=1, + enum=EvaluationMode, + ) + require_attestations_by: MutableSequence[str] = proto.RepeatedField( + proto.STRING, + number=2, + ) + enforcement_mode: EnforcementMode = proto.Field( + proto.ENUM, + number=3, + enum=EnforcementMode, + ) + + +class Attestor(proto.Message): + r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + that attests to container image artifacts. An existing attestor + cannot be modified except where indicated. + + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + name (str): + Required. The resource name, in the format: + ``projects/*/attestors/*``. This field may not be updated. + description (str): + Optional. A descriptive comment. This field + may be updated. The field may be displayed in + chooser dialogs. + user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): + A Drydock ATTESTATION_AUTHORITY Note, created by the user. + + This field is a member of `oneof`_ ``attestor_type``. + update_time (google.protobuf.timestamp_pb2.Timestamp): + Output only. Time when the attestor was last + updated. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + description: str = proto.Field( + proto.STRING, + number=6, + ) + user_owned_drydock_note: 'UserOwnedDrydockNote' = proto.Field( + proto.MESSAGE, + number=3, + oneof='attestor_type', + message='UserOwnedDrydockNote', + ) + update_time: timestamp_pb2.Timestamp = proto.Field( + proto.MESSAGE, + number=4, + message=timestamp_pb2.Timestamp, + ) + + +class UserOwnedDrydockNote(proto.Message): + r"""An [user owned drydock + note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] + references a Drydock ATTESTATION_AUTHORITY Note created by the user. + + Attributes: + note_reference (str): + Required. The Drydock resource name of a + ATTESTATION_AUTHORITY Note, created by the user, in the + format: ``projects/*/notes/*`` (or the legacy + ``providers/*/notes/*``). This field may not be updated. + + An attestation by this attestor is stored as a Drydock + ATTESTATION_AUTHORITY Occurrence that names a container + image and that links to this Note. Drydock is an external + dependency. + public_keys (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): + Optional. Public keys that verify + attestations signed by this attestor. This + field may be updated. + If this field is non-empty, one of the specified + public keys must verify that an attestation was + signed by this attestor for the image specified + in the admission request. + + If this field is empty, this attestor always + returns that no valid attestations exist. + delegation_service_account_email (str): + Output only. This field will contain the service account + email address that this Attestor will use as the principal + when querying Container Analysis. Attestor administrators + must grant this service account the IAM role needed to read + attestations from the [note_reference][Note] in Container + Analysis (``containeranalysis.notes.occurrences.viewer``). + + This email address is fixed for the lifetime of the + Attestor, but callers should not make any other assumptions + about the service account email; future versions may use an + email based on a different naming pattern. + """ + + note_reference: str = proto.Field( + proto.STRING, + number=1, + ) + public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( + proto.MESSAGE, + number=2, + message='AttestorPublicKey', + ) + delegation_service_account_email: str = proto.Field( + proto.STRING, + number=3, + ) + + +class PkixPublicKey(proto.Message): + r"""A public key in the PkixPublicKey format (see + https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for + details). Public keys of this type are typically textually + encoded using the PEM format. + + Attributes: + public_key_pem (str): + A PEM-encoded public key, as described in + https://tools.ietf.org/html/rfc7468#section-13 + signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): + The signature algorithm used to verify a message against a + signature using this key. These signature algorithm must + match the structure and any object identifiers encoded in + ``public_key_pem`` (i.e. this algorithm must match that of + the public key). + """ + class SignatureAlgorithm(proto.Enum): + r"""Represents a signature algorithm and other information + necessary to verify signatures with a given public key. This is + based primarily on the public key types supported by Tink's + PemKeyType, which is in turn based on KMS's supported signing + algorithms. See https://cloud.google.com/kms/docs/algorithms. In + the future, BinAuthz might support additional public key types + independently of Tink and/or KMS. + """ + _pb_options = {'allow_alias': True} + SIGNATURE_ALGORITHM_UNSPECIFIED = 0 + RSA_PSS_2048_SHA256 = 1 + RSA_PSS_3072_SHA256 = 2 + RSA_PSS_4096_SHA256 = 3 + RSA_PSS_4096_SHA512 = 4 + RSA_SIGN_PKCS1_2048_SHA256 = 5 + RSA_SIGN_PKCS1_3072_SHA256 = 6 + RSA_SIGN_PKCS1_4096_SHA256 = 7 + RSA_SIGN_PKCS1_4096_SHA512 = 8 + ECDSA_P256_SHA256 = 9 + EC_SIGN_P256_SHA256 = 9 + ECDSA_P384_SHA384 = 10 + EC_SIGN_P384_SHA384 = 10 + ECDSA_P521_SHA512 = 11 + EC_SIGN_P521_SHA512 = 11 + + public_key_pem: str = proto.Field( + proto.STRING, + number=1, + ) + signature_algorithm: SignatureAlgorithm = proto.Field( + proto.ENUM, + number=2, + enum=SignatureAlgorithm, + ) + + +class AttestorPublicKey(proto.Message): + r"""An [attestor public + key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] + that will be used to verify attestations signed by this attestor. + + This message has `oneof`_ fields (mutually exclusive fields). + For each oneof, at most one member field can be set at the same time. + Setting any member of the oneof automatically clears all other + members. + + .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields + + Attributes: + comment (str): + Optional. A descriptive comment. This field + may be updated. + id (str): + The ID of this public key. Signatures verified by BinAuthz + must include the ID of the public key that can be used to + verify them, and that ID must match the contents of this + field exactly. Additional restrictions on this field can be + imposed based on which public key type is encapsulated. See + the documentation on ``public_key`` cases below for details. + ascii_armored_pgp_public_key (str): + ASCII-armored representation of a PGP public key, as the + entire output by the command + ``gpg --export --armor foo@example.com`` (either LF or CRLF + line endings). When using this field, ``id`` should be left + blank. The BinAuthz API handlers will calculate the ID and + fill it in automatically. BinAuthz computes this ID as the + OpenPGP RFC4880 V4 fingerprint, represented as upper-case + hex. If ``id`` is provided by the caller, it will be + overwritten by the API-calculated ID. + + This field is a member of `oneof`_ ``public_key``. + pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): + A raw PKIX SubjectPublicKeyInfo format public key. + + NOTE: ``id`` may be explicitly provided by the caller when + using this type of public key, but it MUST be a valid + RFC3986 URI. If ``id`` is left blank, a default one will be + computed based on the digest of the DER encoding of the + public key. + + This field is a member of `oneof`_ ``public_key``. + """ + + comment: str = proto.Field( + proto.STRING, + number=1, + ) + id: str = proto.Field( + proto.STRING, + number=2, + ) + ascii_armored_pgp_public_key: str = proto.Field( + proto.STRING, + number=3, + oneof='public_key', + ) + pkix_public_key: 'PkixPublicKey' = proto.Field( + proto.MESSAGE, + number=5, + oneof='public_key', + message='PkixPublicKey', + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py new file mode 100644 index 0000000..4b8caad --- /dev/null +++ b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py @@ -0,0 +1,243 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from typing import MutableMapping, MutableSequence + +import proto # type: ignore + +from google.cloud.binaryauthorization_v1beta1.types import resources + + +__protobuf__ = proto.module( + package='google.cloud.binaryauthorization.v1beta1', + manifest={ + 'GetPolicyRequest', + 'UpdatePolicyRequest', + 'CreateAttestorRequest', + 'GetAttestorRequest', + 'UpdateAttestorRequest', + 'ListAttestorsRequest', + 'ListAttestorsResponse', + 'DeleteAttestorRequest', + 'GetSystemPolicyRequest', + }, +) + + +class GetPolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetPolicy][]. + + Attributes: + name (str): + Required. The resource name of the + [policy][google.cloud.binaryauthorization.v1beta1.Policy] to + retrieve, in the format ``projects/*/policy``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdatePolicyRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdatePolicy][]. + + Attributes: + policy (google.cloud.binaryauthorization_v1beta1.types.Policy): + Required. A new or updated + [policy][google.cloud.binaryauthorization.v1beta1.Policy] + value. The service will overwrite the [policy + name][google.cloud.binaryauthorization.v1beta1.Policy.name] + field with the resource name in the request URL, in the + format ``projects/*/policy``. + """ + + policy: resources.Policy = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Policy, + ) + + +class CreateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.CreateAttestor][]. + + Attributes: + parent (str): + Required. The parent of this + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. + attestor_id (str): + Required. The + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + ID. + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The initial + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name, in the format + ``projects/*/attestors/*``. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + attestor_id: str = proto.Field( + proto.STRING, + number=2, + ) + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=3, + message=resources.Attestor, + ) + + +class GetAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.GetAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + to retrieve, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class UpdateAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.UpdateAttestor][]. + + Attributes: + attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): + Required. The updated + [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] + value. The service will overwrite the [attestor + name][google.cloud.binaryauthorization.v1beta1.Attestor.name] + field with the resource name in the request URL, in the + format ``projects/*/attestors/*``. + """ + + attestor: resources.Attestor = proto.Field( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + + +class ListAttestorsRequest(proto.Message): + r"""Request message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + parent (str): + Required. The resource name of the project associated with + the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], + in the format ``projects/*``. + page_size (int): + Requested page size. The server may return + fewer results than requested. If unspecified, + the server will pick an appropriate default. + page_token (str): + A token identifying a page of results the server should + return. Typically, this is the value of + [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] + returned from the previous call to the ``ListAttestors`` + method. + """ + + parent: str = proto.Field( + proto.STRING, + number=1, + ) + page_size: int = proto.Field( + proto.INT32, + number=2, + ) + page_token: str = proto.Field( + proto.STRING, + number=3, + ) + + +class ListAttestorsResponse(proto.Message): + r"""Response message for [BinauthzManagementService.ListAttestors][]. + + Attributes: + attestors (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): + The list of + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. + next_page_token (str): + A token to retrieve the next page of results. Pass this + value in the + [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] + field in the subsequent call to the ``ListAttestors`` method + to retrieve the next page of results. + """ + + @property + def raw_page(self): + return self + + attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( + proto.MESSAGE, + number=1, + message=resources.Attestor, + ) + next_page_token: str = proto.Field( + proto.STRING, + number=2, + ) + + +class DeleteAttestorRequest(proto.Message): + r"""Request message for [BinauthzManagementService.DeleteAttestor][]. + + Attributes: + name (str): + Required. The name of the + [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] + to delete, in the format ``projects/*/attestors/*``. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +class GetSystemPolicyRequest(proto.Message): + r"""Request to read the current system policy. + + Attributes: + name (str): + Required. The resource name, in the format + ``locations/*/policy``. Note that the system policy is not + associated with a project. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini new file mode 100644 index 0000000..574c5ae --- /dev/null +++ b/owl-bot-staging/v1beta1/mypy.ini @@ -0,0 +1,3 @@ +[mypy] +python_version = 3.7 +namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py new file mode 100644 index 0000000..b45044d --- /dev/null +++ b/owl-bot-staging/v1beta1/noxfile.py @@ -0,0 +1,179 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +import pathlib +import shutil +import subprocess +import sys + + +import nox # type: ignore + +ALL_PYTHON = [ + "3.7", + "3.8", + "3.9", + "3.10", +] + +CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() + +LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" +PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") + +BLACK_VERSION = "black==22.3.0" +BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] +DEFAULT_PYTHON_VERSION = "3.10" + +nox.sessions = [ + "unit", + "cover", + "mypy", + "check_lower_bounds" + # exclude update_lower_bounds from default + "docs", + "blacken", + "lint", + "lint_setup_py", +] + +@nox.session(python=ALL_PYTHON) +def unit(session): + """Run the unit test suite.""" + + session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') + session.install('-e', '.') + + session.run( + 'py.test', + '--quiet', + '--cov=google/cloud/binaryauthorization_v1beta1/', + '--cov=tests/', + '--cov-config=.coveragerc', + '--cov-report=term', + '--cov-report=html', + os.path.join('tests', 'unit', ''.join(session.posargs)) + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def cover(session): + """Run the final coverage report. + This outputs the coverage report aggregating coverage from the unit + test runs (not system test runs), and then erases coverage data. + """ + session.install("coverage", "pytest-cov") + session.run("coverage", "report", "--show-missing", "--fail-under=100") + + session.run("coverage", "erase") + + +@nox.session(python=ALL_PYTHON) +def mypy(session): + """Run the type checker.""" + session.install('mypy', 'types-pkg_resources') + session.install('.') + session.run( + 'mypy', + '--explicit-package-bases', + 'google', + ) + + +@nox.session +def update_lower_bounds(session): + """Update lower bounds in constraints.txt to match setup.py""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'update', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + + +@nox.session +def check_lower_bounds(session): + """Check lower bounds in setup.py are reflected in constraints file""" + session.install('google-cloud-testutils') + session.install('.') + + session.run( + 'lower-bound-checker', + 'check', + '--package-name', + PACKAGE_NAME, + '--constraints-file', + str(LOWER_BOUND_CONSTRAINTS_FILE), + ) + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def docs(session): + """Build the docs for this library.""" + + session.install("-e", ".") + session.install("sphinx==4.0.1", "alabaster", "recommonmark") + + shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) + session.run( + "sphinx-build", + "-W", # warnings as errors + "-T", # show full traceback on exception + "-N", # no colors + "-b", + "html", + "-d", + os.path.join("docs", "_build", "doctrees", ""), + os.path.join("docs", ""), + os.path.join("docs", "_build", "html", ""), + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint(session): + """Run linters. + + Returns a failure if the linters find linting errors or sufficiently + serious code quality issues. + """ + session.install("flake8", BLACK_VERSION) + session.run( + "black", + "--check", + *BLACK_PATHS, + ) + session.run("flake8", "google", "tests", "samples") + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def blacken(session): + """Run black. Format code to uniform standard.""" + session.install(BLACK_VERSION) + session.run( + "black", + *BLACK_PATHS, + ) + + +@nox.session(python=DEFAULT_PYTHON_VERSION) +def lint_setup_py(session): + """Verify that setup.py is valid (including RST check).""" + session.install("docutils", "pygments") + session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py new file mode 100644 index 0000000..793b1ea --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = await client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py new file mode 100644 index 0000000..4de96ca --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py @@ -0,0 +1,58 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for CreateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_create_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.CreateAttestorRequest( + parent="parent_value", + attestor_id="attestor_id_value", + attestor=attestor, + ) + + # Make the request + response = client.create_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py new file mode 100644 index 0000000..3aa680b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + await client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py new file mode 100644 index 0000000..7a0a694 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for DeleteAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_delete_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.DeleteAttestorRequest( + name="name_value", + ) + + # Make the request + client.delete_attestor(request=request) + + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py new file mode 100644 index 0000000..d3affd0 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = await client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py new file mode 100644 index 0000000..b2fa796 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetAttestorRequest( + name="name_value", + ) + + # Make the request + response = client.get_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py new file mode 100644 index 0000000..99deaa5 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py new file mode 100644 index 0000000..ae48362 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py new file mode 100644 index 0000000..9373d89 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + async for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py new file mode 100644 index 0000000..24f6afc --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for ListAttestors +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_list_attestors(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.ListAttestorsRequest( + parent="parent_value", + ) + + # Make the request + page_result = client.list_attestors(request=request) + + # Handle the response + for response in page_result: + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py new file mode 100644 index 0000000..463bb99 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = await client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py new file mode 100644 index 0000000..21ce41a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdateAttestor +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_attestor(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + attestor = binaryauthorization_v1beta1.Attestor() + attestor.user_owned_drydock_note.note_reference = "note_reference_value" + attestor.name = "name_value" + + request = binaryauthorization_v1beta1.UpdateAttestorRequest( + attestor=attestor, + ) + + # Make the request + response = client.update_attestor(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py new file mode 100644 index 0000000..2d3f605 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = await client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py new file mode 100644 index 0000000..85ba6b8 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py @@ -0,0 +1,56 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for UpdatePolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_update_policy(): + # Create a client + client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() + + # Initialize request argument(s) + policy = binaryauthorization_v1beta1.Policy() + policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" + policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" + + request = binaryauthorization_v1beta1.UpdatePolicyRequest( + policy=policy, + ) + + # Make the request + response = client.update_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py new file mode 100644 index 0000000..36a01b4 --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +async def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = await client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py new file mode 100644 index 0000000..6b68d3b --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py @@ -0,0 +1,52 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Generated code. DO NOT EDIT! +# +# Snippet for GetSystemPolicy +# NOTE: This snippet has been automatically generated for illustrative purposes only. +# It may require modifications to work in your environment. + +# To install the latest published package dependency, execute the following: +# python3 -m pip install google-cloud-binaryauthorization + + +# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] +# This snippet has been automatically generated and should be regarded as a +# code template only. +# It will require modifications to work: +# - It may require correct/in-range values for request initialization. +# - It may require specifying regional endpoints when creating the service +# client as shown in: +# https://googleapis.dev/python/google-api-core/latest/client_options.html +from google.cloud import binaryauthorization_v1beta1 + + +def sample_get_system_policy(): + # Create a client + client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() + + # Initialize request argument(s) + request = binaryauthorization_v1beta1.GetSystemPolicyRequest( + name="name_value", + ) + + # Make the request + response = client.get_system_policy(request=request) + + # Handle the response + print(response) + +# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json new file mode 100644 index 0000000..c59b49a --- /dev/null +++ b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json @@ -0,0 +1,1313 @@ +{ + "clientLibrary": { + "apis": [ + { + "id": "google.cloud.binaryauthorization.v1beta1", + "version": "v1beta1" + } + ], + "language": "PYTHON", + "name": "google-cloud-binaryauthorization", + "version": "0.1.0" + }, + "snippets": [ + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "CreateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "attestor_id", + "type": "str" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "create_attestor" + }, + "description": "Sample for CreateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", + "segments": [ + { + "end": 57, + "start": 27, + "type": "FULL" + }, + { + "end": 57, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 51, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 54, + "start": 52, + "type": "REQUEST_EXECUTION" + }, + { + "end": 58, + "start": 55, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "DeleteAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "shortName": "delete_attestor" + }, + "description": "Sample for DeleteAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", + "segments": [ + { + "end": 49, + "start": 27, + "type": "FULL" + }, + { + "end": 49, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 50, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "get_attestor" + }, + "description": "Sample for GetAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "GetPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_policy" + }, + "description": "Sample for GetPolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "ListAttestors" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" + }, + { + "name": "parent", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", + "shortName": "list_attestors" + }, + "description": "Sample for ListAttestors", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", + "segments": [ + { + "end": 52, + "start": 27, + "type": "FULL" + }, + { + "end": 52, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 53, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdateAttestor" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" + }, + { + "name": "attestor", + "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", + "shortName": "update_attestor" + }, + "description": "Sample for UpdateAttestor", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", + "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", + "shortName": "BinauthzManagementServiceV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", + "shortName": "BinauthzManagementServiceV1Beta1" + }, + "shortName": "UpdatePolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" + }, + { + "name": "policy", + "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "update_policy" + }, + "description": "Sample for UpdatePolicy", + "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", + "segments": [ + { + "end": 55, + "start": 27, + "type": "FULL" + }, + { + "end": 55, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 49, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 52, + "start": 50, + "type": "REQUEST_EXECUTION" + }, + { + "end": 56, + "start": 53, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" + }, + { + "canonical": true, + "clientMethod": { + "async": true, + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", + "shortName": "SystemPolicyV1Beta1AsyncClient" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" + }, + { + "canonical": true, + "clientMethod": { + "client": { + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", + "shortName": "SystemPolicyV1Beta1Client" + }, + "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", + "method": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", + "service": { + "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", + "shortName": "SystemPolicyV1Beta1" + }, + "shortName": "GetSystemPolicy" + }, + "parameters": [ + { + "name": "request", + "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" + }, + { + "name": "name", + "type": "str" + }, + { + "name": "retry", + "type": "google.api_core.retry.Retry" + }, + { + "name": "timeout", + "type": "float" + }, + { + "name": "metadata", + "type": "Sequence[Tuple[str, str]" + } + ], + "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", + "shortName": "get_system_policy" + }, + "description": "Sample for GetSystemPolicy", + "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", + "language": "PYTHON", + "origin": "API_DEFINITION", + "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", + "segments": [ + { + "end": 51, + "start": 27, + "type": "FULL" + }, + { + "end": 51, + "start": 27, + "type": "SHORT" + }, + { + "end": 40, + "start": 38, + "type": "CLIENT_INITIALIZATION" + }, + { + "end": 45, + "start": 41, + "type": "REQUEST_INITIALIZATION" + }, + { + "end": 48, + "start": 46, + "type": "REQUEST_EXECUTION" + }, + { + "end": 52, + "start": 49, + "type": "RESPONSE_HANDLING" + } + ], + "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" + } + ] +} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py new file mode 100644 index 0000000..e4d7076 --- /dev/null +++ b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py @@ -0,0 +1,183 @@ +#! /usr/bin/env python3 +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import argparse +import os +import libcst as cst +import pathlib +import sys +from typing import (Any, Callable, Dict, List, Sequence, Tuple) + + +def partition( + predicate: Callable[[Any], bool], + iterator: Sequence[Any] +) -> Tuple[List[Any], List[Any]]: + """A stable, out-of-place partition.""" + results = ([], []) + + for i in iterator: + results[int(predicate(i))].append(i) + + # Returns trueList, falseList + return results[1], results[0] + + +class binaryauthorizationCallTransformer(cst.CSTTransformer): + CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') + METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { + 'create_attestor': ('parent', 'attestor_id', 'attestor', ), + 'delete_attestor': ('name', ), + 'get_attestor': ('name', ), + 'get_policy': ('name', ), + 'get_system_policy': ('name', ), + 'list_attestors': ('parent', 'page_size', 'page_token', ), + 'update_attestor': ('attestor', ), + 'update_policy': ('policy', ), + } + + def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: + try: + key = original.func.attr.value + kword_params = self.METHOD_TO_PARAMS[key] + except (AttributeError, KeyError): + # Either not a method from the API or too convoluted to be sure. + return updated + + # If the existing code is valid, keyword args come after positional args. + # Therefore, all positional args must map to the first parameters. + args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) + if any(k.keyword.value == "request" for k in kwargs): + # We've already fixed this file, don't fix it again. + return updated + + kwargs, ctrl_kwargs = partition( + lambda a: a.keyword.value not in self.CTRL_PARAMS, + kwargs + ) + + args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] + ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) + for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) + + request_arg = cst.Arg( + value=cst.Dict([ + cst.DictElement( + cst.SimpleString("'{}'".format(name)), +cst.Element(value=arg.value) + ) + # Note: the args + kwargs looks silly, but keep in mind that + # the control parameters had to be stripped out, and that + # those could have been passed positionally or by keyword. + for name, arg in zip(kword_params, args + kwargs)]), + keyword=cst.Name("request") + ) + + return updated.with_changes( + args=[request_arg] + ctrl_kwargs + ) + + +def fix_files( + in_dir: pathlib.Path, + out_dir: pathlib.Path, + *, + transformer=binaryauthorizationCallTransformer(), +): + """Duplicate the input dir to the output dir, fixing file method calls. + + Preconditions: + * in_dir is a real directory + * out_dir is a real, empty directory + """ + pyfile_gen = ( + pathlib.Path(os.path.join(root, f)) + for root, _, files in os.walk(in_dir) + for f in files if os.path.splitext(f)[1] == ".py" + ) + + for fpath in pyfile_gen: + with open(fpath, 'r') as f: + src = f.read() + + # Parse the code and insert method call fixes. + tree = cst.parse_module(src) + updated = tree.visit(transformer) + + # Create the path and directory structure for the new file. + updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) + updated_path.parent.mkdir(parents=True, exist_ok=True) + + # Generate the updated source file at the corresponding path. + with open(updated_path, 'w') as f: + f.write(updated.code) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser( + description="""Fix up source that uses the binaryauthorization client library. + +The existing sources are NOT overwritten but are copied to output_dir with changes made. + +Note: This tool operates at a best-effort level at converting positional + parameters in client method calls to keyword based parameters. + Cases where it WILL FAIL include + A) * or ** expansion in a method call. + B) Calls via function or method alias (includes free function calls) + C) Indirect or dispatched calls (e.g. the method is looked up dynamically) + + These all constitute false negatives. The tool will also detect false + positives when an API method shares a name with another method. +""") + parser.add_argument( + '-d', + '--input-directory', + required=True, + dest='input_dir', + help='the input directory to walk for python files to fix up', + ) + parser.add_argument( + '-o', + '--output-directory', + required=True, + dest='output_dir', + help='the directory to output files fixed via un-flattening', + ) + args = parser.parse_args() + input_dir = pathlib.Path(args.input_dir) + output_dir = pathlib.Path(args.output_dir) + if not input_dir.is_dir(): + print( + f"input directory '{input_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if not output_dir.is_dir(): + print( + f"output directory '{output_dir}' does not exist or is not a directory", + file=sys.stderr, + ) + sys.exit(-1) + + if os.listdir(output_dir): + print( + f"output directory '{output_dir}' is not empty", + file=sys.stderr, + ) + sys.exit(-1) + + fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py new file mode 100644 index 0000000..b9a59d2 --- /dev/null +++ b/owl-bot-staging/v1beta1/setup.py @@ -0,0 +1,90 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import io +import os + +import setuptools # type: ignore + +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = 'google-cloud-binaryauthorization' + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", +] +url = "https://github.com/googleapis/python-binaryauthorization" + +package_root = os.path.abspath(os.path.dirname(__file__)) + +readme_filename = os.path.join(package_root, "README.rst") +with io.open(readme_filename, encoding="utf-8") as readme_file: + readme = readme_file.read() + +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") + +setuptools.setup( + name=name, + version=version, + description=description, + long_description=readme, + author="Google LLC", + author_email="googleapis-packages@google.com", + license="Apache 2.0", + url=url, + classifiers=[ + release_status, + "Intended Audience :: Developers", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", + "Topic :: Internet", + ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, + zip_safe=False, +) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt new file mode 100644 index 0000000..6f3158c --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt @@ -0,0 +1,9 @@ +# This constraints file is used to check that lower bounds +# are correct in setup.py +# List all library dependencies and extras in this file. +# Pin the version to the lower bound. +# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", +# Then this file should have google-cloud-foo==1.14.0 +google-api-core==1.33.2 +proto-plus==1.22.0 +protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt new file mode 100644 index 0000000..ed7f9ae --- /dev/null +++ b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt @@ -0,0 +1,6 @@ +# -*- coding: utf-8 -*- +# This constraints file is required for unit tests. +# List all library dependencies and extras in this file. +google-api-core +proto-plus +protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py new file mode 100644 index 0000000..231bc12 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py @@ -0,0 +1,16 @@ + +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py new file mode 100644 index 0000000..e2b10aa --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py @@ -0,0 +1,3039 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers +from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_binauthz_management_service_v1_beta1_client_get_transport_class(): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() + available_transports = [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") + assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient +]) +@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) +@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) +def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = BinauthzManagementServiceV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetPolicyRequest, + dict, +]) +def test_get_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + client.get_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + +@pytest.mark.asyncio +async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_policy_async_from_dict(): + await test_get_policy_async(request_type=dict) + + +def test_get_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_policy( + service.GetPolicyRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdatePolicyRequest, + dict, +]) +def test_update_policy(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_update_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + client.update_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + +@pytest.mark.asyncio +async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdatePolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_update_policy_async_from_dict(): + await test_update_policy_async(request_type=dict) + + +def test_update_policy_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_policy_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdatePolicyRequest() + + request.policy.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.update_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'policy.name=name_value', + ) in kw['metadata'] + + +def test_update_policy_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + + +def test_update_policy_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_policy_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_policy( + policy=resources.Policy(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].policy + mock_val = resources.Policy(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_policy_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_policy( + service.UpdatePolicyRequest(), + policy=resources.Policy(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.CreateAttestorRequest, + dict, +]) +def test_create_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_create_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + client.create_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + +@pytest.mark.asyncio +async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.CreateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_create_attestor_async_from_dict(): + await test_create_attestor_async(request_type=dict) + + +def test_create_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_create_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.CreateAttestorRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.create_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_create_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_create_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_create_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.create_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.create_attestor( + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + arg = args[0].attestor_id + mock_val = 'attestor_id_value' + assert arg == mock_val + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_create_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.create_attestor( + service.CreateAttestorRequest(), + parent='parent_value', + attestor_id='attestor_id_value', + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetAttestorRequest, + dict, +]) +def test_get_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_get_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + client.get_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + +@pytest.mark.asyncio +async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_get_attestor_async_from_dict(): + await test_get_attestor_async(request_type=dict) + + +def test_get_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.get_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_attestor( + service.GetAttestorRequest(), + name='name_value', + ) + + +@pytest.mark.parametrize("request_type", [ + service.UpdateAttestorRequest, + dict, +]) +def test_update_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor( + name='name_value', + description='description_value', + user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), + ) + response = client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +def test_update_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + client.update_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + +@pytest.mark.asyncio +async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( + name='name_value', + description='description_value', + )) + response = await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.UpdateAttestorRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Attestor) + assert response.name == 'name_value' + assert response.description == 'description_value' + + +@pytest.mark.asyncio +async def test_update_attestor_async_from_dict(): + await test_update_attestor_async(request_type=dict) + + +def test_update_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = resources.Attestor() + client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_update_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.UpdateAttestorRequest() + + request.attestor.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + await client.update_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'attestor.name=name_value', + ) in kw['metadata'] + + +def test_update_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + + +def test_update_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + +@pytest.mark.asyncio +async def test_update_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.update_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Attestor() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.update_attestor( + attestor=resources.Attestor(name='name_value'), + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].attestor + mock_val = resources.Attestor(name='name_value') + assert arg == mock_val + +@pytest.mark.asyncio +async def test_update_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.update_attestor( + service.UpdateAttestorRequest(), + attestor=resources.Attestor(name='name_value'), + ) + + +@pytest.mark.parametrize("request_type", [ + service.ListAttestorsRequest, + dict, +]) +def test_list_attestors(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse( + next_page_token='next_page_token_value', + ) + response = client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsPager) + assert response.next_page_token == 'next_page_token_value' + + +def test_list_attestors_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + client.list_attestors() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + +@pytest.mark.asyncio +async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( + next_page_token='next_page_token_value', + )) + response = await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.ListAttestorsRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, pagers.ListAttestorsAsyncPager) + assert response.next_page_token == 'next_page_token_value' + + +@pytest.mark.asyncio +async def test_list_attestors_async_from_dict(): + await test_list_attestors_async(request_type=dict) + + +def test_list_attestors_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = service.ListAttestorsResponse() + client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_list_attestors_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.ListAttestorsRequest() + + request.parent = 'parent_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + await client.list_attestors(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'parent=parent_value', + ) in kw['metadata'] + + +def test_list_attestors_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + + +def test_list_attestors_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + +@pytest.mark.asyncio +async def test_list_attestors_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = service.ListAttestorsResponse() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.list_attestors( + parent='parent_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].parent + mock_val = 'parent_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_list_attestors_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.list_attestors( + service.ListAttestorsRequest(), + parent='parent_value', + ) + + +def test_list_attestors_pager(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + + metadata = () + metadata = tuple(metadata) + ( + gapic_v1.routing_header.to_grpc_metadata(( + ('parent', ''), + )), + ) + pager = client.list_attestors(request={}) + + assert pager._metadata == metadata + + results = list(pager) + assert len(results) == 6 + assert all(isinstance(i, resources.Attestor) + for i in results) +def test_list_attestors_pages(transport_name: str = "grpc"): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials, + transport=transport_name, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__') as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = list(client.list_attestors(request={}).pages) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.asyncio +async def test_list_attestors_async_pager(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + async_pager = await client.list_attestors(request={},) + assert async_pager.next_page_token == 'abc' + responses = [] + async for response in async_pager: # pragma: no branch + responses.append(response) + + assert len(responses) == 6 + assert all(isinstance(i, resources.Attestor) + for i in responses) + + +@pytest.mark.asyncio +async def test_list_attestors_async_pages(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials, + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.list_attestors), + '__call__', new_callable=mock.AsyncMock) as call: + # Set the response to a series of pages. + call.side_effect = ( + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + resources.Attestor(), + ], + next_page_token='abc', + ), + service.ListAttestorsResponse( + attestors=[], + next_page_token='def', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + ], + next_page_token='ghi', + ), + service.ListAttestorsResponse( + attestors=[ + resources.Attestor(), + resources.Attestor(), + ], + ), + RuntimeError, + ) + pages = [] + async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch + pages.append(page_) + for page_, token in zip(pages, ['abc','def','ghi', '']): + assert page_.raw_page.next_page_token == token + +@pytest.mark.parametrize("request_type", [ + service.DeleteAttestorRequest, + dict, +]) +def test_delete_attestor(request_type, transport: str = 'grpc'): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + response = client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +def test_delete_attestor_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + client.delete_attestor() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + +@pytest.mark.asyncio +async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + response = await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.DeleteAttestorRequest() + + # Establish that the response is the type that we expect. + assert response is None + + +@pytest.mark.asyncio +async def test_delete_attestor_async_from_dict(): + await test_delete_attestor_async(request_type=dict) + + +def test_delete_attestor_field_headers(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = None + client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_delete_attestor_field_headers_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.DeleteAttestorRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + await client.delete_attestor(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_delete_attestor_flattened(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_delete_attestor_flattened_error(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.delete_attestor), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = None + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.delete_attestor( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_delete_attestor_flattened_error_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.delete_attestor( + service.DeleteAttestorRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = BinauthzManagementServiceV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = BinauthzManagementServiceV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + ) + +def test_binauthz_management_service_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_binauthz_management_service_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_policy', + 'update_policy', + 'create_attestor', + 'get_attestor', + 'update_attestor', + 'list_attestors', + 'delete_attestor', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.BinauthzManagementServiceV1Beta1Transport() + adc.assert_called_once() + + +def test_binauthz_management_service_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + BinauthzManagementServiceV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.BinauthzManagementServiceV1Beta1GrpcTransport, + transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, + ], +) +def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), + (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) +def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_attestor_path(): + project = "squid" + attestor = "clam" + expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) + actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) + assert expected == actual + + +def test_parse_attestor_path(): + expected = { + "project": "whelk", + "attestor": "octopus", + } + path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) + assert expected == actual + +def test_policy_path(): + project = "oyster" + expected = "projects/{project}/policy".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "cuttlefish" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "mussel", + } + path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "winkle" + expected = "folders/{folder}".format(folder=folder, ) + actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nautilus", + } + path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "scallop" + expected = "organizations/{organization}".format(organization=organization, ) + actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "abalone", + } + path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "squid" + expected = "projects/{project}".format(project=project, ) + actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "clam", + } + path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "whelk" + location = "octopus" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "oyster", + "location": "nudibranch", + } + path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = BinauthzManagementServiceV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = BinauthzManagementServiceV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), + (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py new file mode 100644 index 0000000..b1902f9 --- /dev/null +++ b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py @@ -0,0 +1,1396 @@ +# -*- coding: utf-8 -*- +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os +# try/except added for compatibility with python < 3.8 +try: + from unittest import mock + from unittest.mock import AsyncMock # pragma: NO COVER +except ImportError: # pragma: NO COVER + import mock + +import grpc +from grpc.experimental import aio +import math +import pytest +from proto.marshal.rules.dates import DurationRule, TimestampRule +from proto.marshal.rules import wrappers + +from google.api_core import client_options +from google.api_core import exceptions as core_exceptions +from google.api_core import gapic_v1 +from google.api_core import grpc_helpers +from google.api_core import grpc_helpers_async +from google.api_core import path_template +from google.auth import credentials as ga_credentials +from google.auth.exceptions import MutualTLSChannelError +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client +from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports +from google.cloud.binaryauthorization_v1beta1.types import resources +from google.cloud.binaryauthorization_v1beta1.types import service +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import google.auth + + +def client_cert_source_callback(): + return b"cert bytes", b"key bytes" + + +# If default endpoint is localhost, then default mtls endpoint will be the same. +# This method modifies the default endpoint so the client can produce a different +# mtls endpoint for endpoint testing purposes. +def modify_default_endpoint(client): + return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT + + +def test__get_default_mtls_endpoint(): + api_endpoint = "example.googleapis.com" + api_mtls_endpoint = "example.mtls.googleapis.com" + sandbox_endpoint = "example.sandbox.googleapis.com" + sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" + non_googleapi = "api.example.com" + + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint + assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: + factory.return_value = creds + info = {"valid": True} + client = client_class.from_service_account_info(info, transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +@pytest.mark.parametrize("transport_class,transport_name", [ + (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=True) + use_jwt.assert_called_once_with(True) + + with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: + creds = service_account.Credentials(None, None, None) + transport = transport_class(credentials=creds, always_use_jwt_access=False) + use_jwt.assert_not_called() + + +@pytest.mark.parametrize("client_class,transport_name", [ + (SystemPolicyV1Beta1Client, "grpc"), + (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): + creds = ga_credentials.AnonymousCredentials() + with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: + factory.return_value = creds + client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) + assert client.transport._credentials == creds + assert isinstance(client, client_class) + + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + + +def test_system_policy_v1_beta1_client_get_transport_class(): + transport = SystemPolicyV1Beta1Client.get_transport_class() + available_transports = [ + transports.SystemPolicyV1Beta1GrpcTransport, + ] + assert transport in available_transports + + transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") + assert transport == transports.SystemPolicyV1Beta1GrpcTransport + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): + # Check that if channel is provided we won't create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials() + ) + client = client_class(transport=transport) + gtc.assert_not_called() + + # Check that if channel is provided via str we will create a new one. + with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: + client = client_class(transport=transport_name) + gtc.assert_called() + + # Check the case api_endpoint is provided. + options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name, client_options=options) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is + # "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_MTLS_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has + # unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): + with pytest.raises(MutualTLSChannelError): + client = client_class(transport=transport_name) + + # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): + with pytest.raises(ValueError): + client = client_class(transport=transport_name) + + # Check the case quota_project_id is provided + options = client_options.ClientOptions(quota_project_id="octopus") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id="octopus", + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + # Check the case api_endpoint is provided + options = client_options.ClientOptions(api_audience="https://language.googleapis.com") + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience="https://language.googleapis.com" + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) +def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): + # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default + # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. + + # Check the case client_cert_source is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + + if use_client_cert_env == "false": + expected_client_cert_source = None + expected_host = client.DEFAULT_ENDPOINT + else: + expected_client_cert_source = client_cert_source_callback + expected_host = client.DEFAULT_MTLS_ENDPOINT + + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case ADC client cert is provided. Whether client cert is used depends on + # GOOGLE_API_USE_CLIENT_CERTIFICATE value. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): + if use_client_cert_env == "false": + expected_host = client.DEFAULT_ENDPOINT + expected_client_cert_source = None + else: + expected_host = client.DEFAULT_MTLS_ENDPOINT + expected_client_cert_source = client_cert_source_callback + + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=expected_host, + scopes=None, + client_cert_source_for_mtls=expected_client_cert_source, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # Check the case client_cert_source and ADC client cert are not provided. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): + with mock.patch.object(transport_class, '__init__') as patched: + with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): + patched.return_value = None + client = client_class(transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class", [ + SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient +]) +@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) +@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) +def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): + mock_client_cert_source = mock.Mock() + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source == mock_client_cert_source + + # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): + mock_client_cert_source = mock.Mock() + mock_api_endpoint = "foo" + options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) + assert api_endpoint == mock_api_endpoint + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_ENDPOINT + assert cert_source is None + + # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. + with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): + with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): + with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): + api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() + assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT + assert cert_source == mock_client_cert_source + + +@pytest.mark.parametrize("client_class,transport_class,transport_name", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), +]) +def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): + # Check the case scopes are provided. + options = client_options.ClientOptions( + scopes=["1", "2"], + ) + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=["1", "2"], + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + +def test_system_policy_v1_beta1_client_client_options_from_dict(): + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: + grpc_transport.return_value = None + client = SystemPolicyV1Beta1Client( + client_options={'api_endpoint': 'squid.clam.whelk'} + ) + grpc_transport.assert_called_once_with( + credentials=None, + credentials_file=None, + host="squid.clam.whelk", + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + +@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), +]) +def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): + # Check the case credentials file is provided. + options = client_options.ClientOptions( + credentials_file="credentials.json" + ) + + with mock.patch.object(transport_class, '__init__') as patched: + patched.return_value = None + client = client_class(client_options=options, transport=transport_name) + patched.assert_called_once_with( + credentials=None, + credentials_file="credentials.json", + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) + + # test that the credentials from file are saved and used as the credentials. + with mock.patch.object( + google.auth, "load_credentials_from_file", autospec=True + ) as load_creds, mock.patch.object( + google.auth, "default", autospec=True + ) as adc, mock.patch.object( + grpc_helpers, "create_channel" + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + file_creds = ga_credentials.AnonymousCredentials() + load_creds.return_value = (file_creds, None) + adc.return_value = (creds, None) + client = client_class(client_options=options, transport=transport_name) + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=file_creds, + credentials_file=None, + quota_project_id=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=None, + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("request_type", [ + service.GetSystemPolicyRequest, + dict, +]) +def test_get_system_policy(request_type, transport: str = 'grpc'): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + ) + response = client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +def test_get_system_policy_empty_call(): + # This test is a coverage failsafe to make sure that totally empty calls, + # i.e. request == None and no flattened fields passed, work. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport='grpc', + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + client.get_system_policy() + call.assert_called() + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + +@pytest.mark.asyncio +async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # Everything is optional in proto3 as far as the runtime is concerned, + # and we are mocking out the actual API, so just send an empty request. + request = request_type() + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( + name='name_value', + description='description_value', + global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, + )) + response = await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == service.GetSystemPolicyRequest() + + # Establish that the response is the type that we expect. + assert isinstance(response, resources.Policy) + assert response.name == 'name_value' + assert response.description == 'description_value' + assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE + + +@pytest.mark.asyncio +async def test_get_system_policy_async_from_dict(): + await test_get_system_policy_async(request_type=dict) + + +def test_get_system_policy_field_headers(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = resources.Policy() + client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +@pytest.mark.asyncio +async def test_get_system_policy_field_headers_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Any value that is part of the HTTP/1.1 URI should be sent as + # a field header. Set these to a non-empty value. + request = service.GetSystemPolicyRequest() + + request.name = 'name_value' + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + await client.get_system_policy(request) + + # Establish that the underlying gRPC stub method was called. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + assert args[0] == request + + # Establish that the field header was sent. + _, _, kw = call.mock_calls[0] + assert ( + 'x-goog-request-params', + 'name=name_value', + ) in kw['metadata'] + + +def test_get_system_policy_flattened(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) == 1 + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + + +def test_get_system_policy_flattened_error(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Mock the actual call within the gRPC stub, and fake the request. + with mock.patch.object( + type(client.transport.get_system_policy), + '__call__') as call: + # Designate an appropriate return value for the call. + call.return_value = resources.Policy() + + call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) + # Call the method with a truthy value for each flattened field, + # using the keyword arguments to the method. + response = await client.get_system_policy( + name='name_value', + ) + + # Establish that the underlying call was made with the expected + # request object values. + assert len(call.mock_calls) + _, args, _ = call.mock_calls[0] + arg = args[0].name + mock_val = 'name_value' + assert arg == mock_val + +@pytest.mark.asyncio +async def test_get_system_policy_flattened_error_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Attempting to call a method with both a request object and flattened + # fields is an error. + with pytest.raises(ValueError): + await client.get_system_policy( + service.GetSystemPolicyRequest(), + name='name_value', + ) + + +def test_credentials_transport_error(): + # It is an error to provide credentials and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport, + ) + + # It is an error to provide a credentials file and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"credentials_file": "credentials.json"}, + transport=transport, + ) + + # It is an error to provide an api_key and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + options = client_options.ClientOptions() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + transport=transport, + ) + + # It is an error to provide an api_key and a credential. + options = mock.Mock() + options.api_key = "api_key" + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options=options, + credentials=ga_credentials.AnonymousCredentials() + ) + + # It is an error to provide scopes and a transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + with pytest.raises(ValueError): + client = SystemPolicyV1Beta1Client( + client_options={"scopes": ["1", "2"]}, + transport=transport, + ) + + +def test_transport_instance(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + client = SystemPolicyV1Beta1Client(transport=transport) + assert client.transport is transport + +def test_transport_get_channel(): + # A client may be instantiated with a custom transport instance. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + credentials=ga_credentials.AnonymousCredentials(), + ) + channel = transport.grpc_channel + assert channel + +@pytest.mark.parametrize("transport_class", [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, +]) +def test_transport_adc(transport_class): + # Test default credentials are used if not provided. + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class() + adc.assert_called_once() + +@pytest.mark.parametrize("transport_name", [ + "grpc", +]) +def test_transport_kind(transport_name): + transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert transport.kind == transport_name + +def test_transport_grpc_default(): + # A client should use the gRPC transport by default. + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + ) + assert isinstance( + client.transport, + transports.SystemPolicyV1Beta1GrpcTransport, + ) + +def test_system_policy_v1_beta1_base_transport_error(): + # Passing both a credentials object and credentials_file should raise an error + with pytest.raises(core_exceptions.DuplicateCredentialArgs): + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + credentials_file="credentials.json" + ) + + +def test_system_policy_v1_beta1_base_transport(): + # Instantiate the base transport. + with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: + Transport.return_value = None + transport = transports.SystemPolicyV1Beta1Transport( + credentials=ga_credentials.AnonymousCredentials(), + ) + + # Every method on the transport should just blindly + # raise NotImplementedError. + methods = ( + 'get_system_policy', + ) + for method in methods: + with pytest.raises(NotImplementedError): + getattr(transport, method)(request=object()) + + with pytest.raises(NotImplementedError): + transport.close() + + # Catch all for all remaining methods and properties + remainder = [ + 'kind', + ] + for r in remainder: + with pytest.raises(NotImplementedError): + getattr(transport, r)() + + +def test_system_policy_v1_beta1_base_transport_with_credentials_file(): + # Instantiate the base transport with a credentials file + with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport( + credentials_file="credentials.json", + quota_project_id="octopus", + ) + load_creds.assert_called_once_with("credentials.json", + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id="octopus", + ) + + +def test_system_policy_v1_beta1_base_transport_with_adc(): + # Test the default credentials are used if credentials and credentials_file are None. + with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: + Transport.return_value = None + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport = transports.SystemPolicyV1Beta1Transport() + adc.assert_called_once() + + +def test_system_policy_v1_beta1_auth_adc(): + # If no credentials are provided, we should use ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + SystemPolicyV1Beta1Client() + adc.assert_called_once_with( + scopes=None, + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + quota_project_id=None, + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_adc(transport_class): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + adc.return_value = (ga_credentials.AnonymousCredentials(), None) + transport_class(quota_project_id="octopus", scopes=["1", "2"]) + adc.assert_called_once_with( + scopes=["1", "2"], + default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), + quota_project_id="octopus", + ) + + +@pytest.mark.parametrize( + "transport_class", + [ + transports.SystemPolicyV1Beta1GrpcTransport, + transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, + ], +) +def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): + host = 'https://language.com' + api_audience_tests = [None, 'https://language2.com'] + api_audience_expect = [host, 'https://language2.com'] + for t, e in zip(api_audience_tests, api_audience_expect): + with mock.patch.object(google.auth, 'default', autospec=True) as adc: + gdch_mock = mock.MagicMock() + type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) + adc.return_value = (gdch_mock, None) + transport_class(host=host, api_audience=t) + gdch_mock.with_gdch_audience.assert_called_once_with( + e + ) + + +@pytest.mark.parametrize( + "transport_class,grpc_helpers", + [ + (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), + (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) + ], +) +def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): + # If credentials and host are not provided, the transport class should use + # ADC credentials. + with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( + grpc_helpers, "create_channel", autospec=True + ) as create_channel: + creds = ga_credentials.AnonymousCredentials() + adc.return_value = (creds, None) + transport_class( + quota_project_id="octopus", + scopes=["1", "2"] + ) + + create_channel.assert_called_with( + "binaryauthorization.googleapis.com:443", + credentials=creds, + credentials_file=None, + quota_project_id="octopus", + default_scopes=( + 'https://www.googleapis.com/auth/cloud-platform', +), + scopes=["1", "2"], + default_host="binaryauthorization.googleapis.com", + ssl_credentials=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( + transport_class +): + cred = ga_credentials.AnonymousCredentials() + + # Check ssl_channel_credentials is used if provided. + with mock.patch.object(transport_class, "create_channel") as mock_create_channel: + mock_ssl_channel_creds = mock.Mock() + transport_class( + host="squid.clam.whelk", + credentials=cred, + ssl_channel_credentials=mock_ssl_channel_creds + ) + mock_create_channel.assert_called_once_with( + "squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_channel_creds, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + + # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls + # is used. + with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): + with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: + transport_class( + credentials=cred, + client_cert_source_for_mtls=client_cert_source_callback + ) + expected_cert, expected_key = client_cert_source_callback() + mock_ssl_cred.assert_called_once_with( + certificate_chain=expected_cert, + private_key=expected_key + ) + + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_no_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:443' + ) + +@pytest.mark.parametrize("transport_name", [ + "grpc", + "grpc_asyncio", +]) +def test_system_policy_v1_beta1_host_with_port(transport_name): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), + transport=transport_name, + ) + assert client.transport._host == ( + 'binaryauthorization.googleapis.com:8000' + ) + +def test_system_policy_v1_beta1_grpc_transport_channel(): + channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): + channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) + + # Check that channel is used if provided. + transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( + host="squid.clam.whelk", + channel=channel, + ) + assert transport.grpc_channel == channel + assert transport._host == "squid.clam.whelk:443" + assert transport._ssl_channel_credentials == None + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( + transport_class +): + with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_ssl_cred = mock.Mock() + grpc_ssl_channel_cred.return_value = mock_ssl_cred + + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + + cred = ga_credentials.AnonymousCredentials() + with pytest.warns(DeprecationWarning): + with mock.patch.object(google.auth, 'default') as adc: + adc.return_value = (cred, None) + transport = transport_class( + host="squid.clam.whelk", + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=client_cert_source_callback, + ) + adc.assert_called_once() + + grpc_ssl_channel_cred.assert_called_once_with( + certificate_chain=b"cert bytes", private_key=b"key bytes" + ) + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + assert transport._ssl_channel_credentials == mock_ssl_cred + + +# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are +# removed from grpc/grpc_asyncio transport constructor. +@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) +def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( + transport_class +): + mock_ssl_cred = mock.Mock() + with mock.patch.multiple( + "google.auth.transport.grpc.SslCredentials", + __init__=mock.Mock(return_value=None), + ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), + ): + with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: + mock_grpc_channel = mock.Mock() + grpc_create_channel.return_value = mock_grpc_channel + mock_cred = mock.Mock() + + with pytest.warns(DeprecationWarning): + transport = transport_class( + host="squid.clam.whelk", + credentials=mock_cred, + api_mtls_endpoint="mtls.squid.clam.whelk", + client_cert_source=None, + ) + + grpc_create_channel.assert_called_once_with( + "mtls.squid.clam.whelk:443", + credentials=mock_cred, + credentials_file=None, + scopes=None, + ssl_credentials=mock_ssl_cred, + quota_project_id=None, + options=[ + ("grpc.max_send_message_length", -1), + ("grpc.max_receive_message_length", -1), + ], + ) + assert transport.grpc_channel == mock_grpc_channel + + +def test_policy_path(): + project = "squid" + expected = "projects/{project}/policy".format(project=project, ) + actual = SystemPolicyV1Beta1Client.policy_path(project) + assert expected == actual + + +def test_parse_policy_path(): + expected = { + "project": "clam", + } + path = SystemPolicyV1Beta1Client.policy_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_policy_path(path) + assert expected == actual + +def test_common_billing_account_path(): + billing_account = "whelk" + expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) + actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) + assert expected == actual + + +def test_parse_common_billing_account_path(): + expected = { + "billing_account": "octopus", + } + path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) + assert expected == actual + +def test_common_folder_path(): + folder = "oyster" + expected = "folders/{folder}".format(folder=folder, ) + actual = SystemPolicyV1Beta1Client.common_folder_path(folder) + assert expected == actual + + +def test_parse_common_folder_path(): + expected = { + "folder": "nudibranch", + } + path = SystemPolicyV1Beta1Client.common_folder_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) + assert expected == actual + +def test_common_organization_path(): + organization = "cuttlefish" + expected = "organizations/{organization}".format(organization=organization, ) + actual = SystemPolicyV1Beta1Client.common_organization_path(organization) + assert expected == actual + + +def test_parse_common_organization_path(): + expected = { + "organization": "mussel", + } + path = SystemPolicyV1Beta1Client.common_organization_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) + assert expected == actual + +def test_common_project_path(): + project = "winkle" + expected = "projects/{project}".format(project=project, ) + actual = SystemPolicyV1Beta1Client.common_project_path(project) + assert expected == actual + + +def test_parse_common_project_path(): + expected = { + "project": "nautilus", + } + path = SystemPolicyV1Beta1Client.common_project_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) + assert expected == actual + +def test_common_location_path(): + project = "scallop" + location = "abalone" + expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) + actual = SystemPolicyV1Beta1Client.common_location_path(project, location) + assert expected == actual + + +def test_parse_common_location_path(): + expected = { + "project": "squid", + "location": "clam", + } + path = SystemPolicyV1Beta1Client.common_location_path(**expected) + + # Check that the path construction is reversible. + actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) + assert expected == actual + + +def test_client_with_default_client_info(): + client_info = gapic_v1.client_info.ClientInfo() + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + + with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: + transport_class = SystemPolicyV1Beta1Client.get_transport_class() + transport = transport_class( + credentials=ga_credentials.AnonymousCredentials(), + client_info=client_info, + ) + prep.assert_called_once_with(client_info) + +@pytest.mark.asyncio +async def test_transport_close_async(): + client = SystemPolicyV1Beta1AsyncClient( + credentials=ga_credentials.AnonymousCredentials(), + transport="grpc_asyncio", + ) + with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: + async with client: + close.assert_not_called() + close.assert_called_once() + + +def test_transport_close(): + transports = { + "grpc": "_grpc_channel", + } + + for transport, close_name in transports.items(): + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: + with client: + close.assert_not_called() + close.assert_called_once() + +def test_client_ctx(): + transports = [ + 'grpc', + ] + for transport in transports: + client = SystemPolicyV1Beta1Client( + credentials=ga_credentials.AnonymousCredentials(), + transport=transport + ) + # Test client calls underlying transport. + with mock.patch.object(type(client.transport), "close") as close: + close.assert_not_called() + with client: + pass + close.assert_called() + +@pytest.mark.parametrize("client_class,transport_class", [ + (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), + (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), +]) +def test_api_key_credentials(client_class, transport_class): + with mock.patch.object( + google.auth._default, "get_api_key_credentials", create=True + ) as get_api_key_credentials: + mock_cred = mock.Mock() + get_api_key_credentials.return_value = mock_cred + options = client_options.ClientOptions() + options.api_key = "api_key" + with mock.patch.object(transport_class, "__init__") as patched: + patched.return_value = None + client = client_class(client_options=options) + patched.assert_called_once_with( + credentials=mock_cred, + credentials_file=None, + host=client.DEFAULT_ENDPOINT, + scopes=None, + client_cert_source_for_mtls=None, + quota_project_id=None, + client_info=transports.base.DEFAULT_CLIENT_INFO, + always_use_jwt_access=True, + api_audience=None, + ) From 55b4f9b0c11a4ecfcd1985bb5adacebd5fe8ce46 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Sat, 12 Nov 2022 16:20:20 +0000 Subject: [PATCH 14/18] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot=20?= =?UTF-8?q?post-processor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- docs/binaryauthorization_v1/types.rst | 1 - docs/binaryauthorization_v1beta1/types.rst | 1 - owl-bot-staging/v1/.coveragerc | 17 - owl-bot-staging/v1/.flake8 | 33 - owl-bot-staging/v1/MANIFEST.in | 2 - owl-bot-staging/v1/README.rst | 49 - .../binauthz_management_service_v1.rst | 10 - .../docs/binaryauthorization_v1/services.rst | 8 - .../system_policy_v1.rst | 6 - .../v1/docs/binaryauthorization_v1/types.rst | 6 - .../validation_helper_v1.rst | 6 - owl-bot-staging/v1/docs/conf.py | 376 -- owl-bot-staging/v1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 71 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../cloud/binaryauthorization_v1/__init__.py | 72 - .../gapic_metadata.json | 141 - .../cloud/binaryauthorization_v1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1057 ------ .../binauthz_management_service_v1/client.py | 1225 ------- .../binauthz_management_service_v1/pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 465 --- .../transports/grpc_asyncio.py | 464 --- .../services/system_policy_v1/__init__.py | 22 - .../services/system_policy_v1/async_client.py | 308 -- .../services/system_policy_v1/client.py | 509 --- .../system_policy_v1/transports/__init__.py | 33 - .../system_policy_v1/transports/base.py | 155 - .../system_policy_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../services/validation_helper_v1/__init__.py | 22 - .../validation_helper_v1/async_client.py | 285 -- .../services/validation_helper_v1/client.py | 478 --- .../transports/__init__.py | 33 - .../validation_helper_v1/transports/base.py | 154 - .../validation_helper_v1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../binaryauthorization_v1/types/__init__.py | 58 - .../binaryauthorization_v1/types/resources.py | 463 --- .../binaryauthorization_v1/types/service.py | 319 -- owl-bot-staging/v1/mypy.ini | 3 - owl-bot-staging/v1/noxfile.py | 179 - ...gement_service_v1_create_attestor_async.py | 58 - ...agement_service_v1_create_attestor_sync.py | 58 - ...gement_service_v1_delete_attestor_async.py | 50 - ...agement_service_v1_delete_attestor_sync.py | 50 - ...anagement_service_v1_get_attestor_async.py | 52 - ...management_service_v1_get_attestor_sync.py | 52 - ..._management_service_v1_get_policy_async.py | 52 - ...z_management_service_v1_get_policy_sync.py | 52 - ...agement_service_v1_list_attestors_async.py | 53 - ...nagement_service_v1_list_attestors_sync.py | 53 - ...gement_service_v1_update_attestor_async.py | 56 - ...agement_service_v1_update_attestor_sync.py | 56 - ...nagement_service_v1_update_policy_async.py | 56 - ...anagement_service_v1_update_policy_sync.py | 56 - ...ystem_policy_v1_get_system_policy_async.py | 52 - ...system_policy_v1_get_system_policy_sync.py | 52 - ...1_validate_attestation_occurrence_async.py | 54 - ...v1_validate_attestation_occurrence_sync.py | 54 - ...a_google.cloud.binaryauthorization.v1.json | 1466 -------- .../fixup_binaryauthorization_v1_keywords.py | 184 - owl-bot-staging/v1/setup.py | 90 - .../v1/testing/constraints-3.10.txt | 6 - .../v1/testing/constraints-3.11.txt | 6 - .../v1/testing/constraints-3.7.txt | 9 - .../v1/testing/constraints-3.8.txt | 6 - .../v1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1/tests/__init__.py | 16 - owl-bot-staging/v1/tests/unit/__init__.py | 16 - .../v1/tests/unit/gapic/__init__.py | 16 - .../gapic/binaryauthorization_v1/__init__.py | 16 - .../test_binauthz_management_service_v1.py | 3039 ----------------- .../test_system_policy_v1.py | 1396 -------- .../test_validation_helper_v1.py | 1293 ------- owl-bot-staging/v1beta1/.coveragerc | 17 - owl-bot-staging/v1beta1/.flake8 | 33 - owl-bot-staging/v1beta1/MANIFEST.in | 2 - owl-bot-staging/v1beta1/README.rst | 49 - .../binauthz_management_service_v1_beta1.rst | 10 - .../binaryauthorization_v1beta1/services.rst | 7 - .../system_policy_v1_beta1.rst | 6 - .../binaryauthorization_v1beta1/types.rst | 6 - owl-bot-staging/v1beta1/docs/conf.py | 376 -- owl-bot-staging/v1beta1/docs/index.rst | 7 - .../cloud/binaryauthorization/__init__.py | 65 - .../binaryauthorization/gapic_version.py | 16 - .../google/cloud/binaryauthorization/py.typed | 2 - .../binaryauthorization_v1beta1/__init__.py | 66 - .../gapic_metadata.json | 117 - .../binaryauthorization_v1beta1/py.typed | 2 - .../services/__init__.py | 15 - .../__init__.py | 22 - .../async_client.py | 1063 ------ .../client.py | 1231 ------- .../pagers.py | 140 - .../transports/__init__.py | 33 - .../transports/base.py | 282 -- .../transports/grpc.py | 469 --- .../transports/grpc_asyncio.py | 468 --- .../system_policy_v1_beta1/__init__.py | 22 - .../system_policy_v1_beta1/async_client.py | 309 -- .../services/system_policy_v1_beta1/client.py | 510 --- .../transports/__init__.py | 33 - .../system_policy_v1_beta1/transports/base.py | 155 - .../system_policy_v1_beta1/transports/grpc.py | 266 -- .../transports/grpc_asyncio.py | 265 -- .../types/__init__.py | 58 - .../types/continuous_validation_logging.py | 163 - .../types/resources.py | 463 --- .../types/service.py | 243 -- owl-bot-staging/v1beta1/mypy.ini | 3 - owl-bot-staging/v1beta1/noxfile.py | 179 - ..._service_v1_beta1_create_attestor_async.py | 58 - ...t_service_v1_beta1_create_attestor_sync.py | 58 - ..._service_v1_beta1_delete_attestor_async.py | 50 - ...t_service_v1_beta1_delete_attestor_sync.py | 50 - ...ent_service_v1_beta1_get_attestor_async.py | 52 - ...ment_service_v1_beta1_get_attestor_sync.py | 52 - ...ement_service_v1_beta1_get_policy_async.py | 52 - ...gement_service_v1_beta1_get_policy_sync.py | 52 - ...t_service_v1_beta1_list_attestors_async.py | 53 - ...nt_service_v1_beta1_list_attestors_sync.py | 53 - ..._service_v1_beta1_update_attestor_async.py | 56 - ...t_service_v1_beta1_update_attestor_sync.py | 56 - ...nt_service_v1_beta1_update_policy_async.py | 56 - ...ent_service_v1_beta1_update_policy_sync.py | 56 - ...policy_v1_beta1_get_system_policy_async.py | 52 - ..._policy_v1_beta1_get_system_policy_sync.py | 52 - ...gle.cloud.binaryauthorization.v1beta1.json | 1313 ------- ...up_binaryauthorization_v1beta1_keywords.py | 183 - owl-bot-staging/v1beta1/setup.py | 90 - .../v1beta1/testing/constraints-3.10.txt | 6 - .../v1beta1/testing/constraints-3.11.txt | 6 - .../v1beta1/testing/constraints-3.7.txt | 9 - .../v1beta1/testing/constraints-3.8.txt | 6 - .../v1beta1/testing/constraints-3.9.txt | 6 - owl-bot-staging/v1beta1/tests/__init__.py | 16 - .../v1beta1/tests/unit/__init__.py | 16 - .../v1beta1/tests/unit/gapic/__init__.py | 16 - .../binaryauthorization_v1beta1/__init__.py | 16 - ...st_binauthz_management_service_v1_beta1.py | 3039 ----------------- .../test_system_policy_v1_beta1.py | 1396 -------- testing/constraints-3.7.txt | 2 - 149 files changed, 31294 deletions(-) delete mode 100644 owl-bot-staging/v1/.coveragerc delete mode 100644 owl-bot-staging/v1/.flake8 delete mode 100644 owl-bot-staging/v1/MANIFEST.in delete mode 100644 owl-bot-staging/v1/README.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst delete mode 100644 owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst delete mode 100644 owl-bot-staging/v1/docs/conf.py delete mode 100644 owl-bot-staging/v1/docs/index.rst delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py delete mode 100644 owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py delete mode 100644 owl-bot-staging/v1/mypy.ini delete mode 100644 owl-bot-staging/v1/noxfile.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py delete mode 100644 owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json delete mode 100644 owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py delete mode 100644 owl-bot-staging/v1/setup.py delete mode 100644 owl-bot-staging/v1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1/tests/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py delete mode 100644 owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py delete mode 100644 owl-bot-staging/v1beta1/.coveragerc delete mode 100644 owl-bot-staging/v1beta1/.flake8 delete mode 100644 owl-bot-staging/v1beta1/MANIFEST.in delete mode 100644 owl-bot-staging/v1beta1/README.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst delete mode 100644 owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst delete mode 100644 owl-bot-staging/v1beta1/docs/conf.py delete mode 100644 owl-bot-staging/v1beta1/docs/index.rst delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py delete mode 100644 owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py delete mode 100644 owl-bot-staging/v1beta1/mypy.ini delete mode 100644 owl-bot-staging/v1beta1/noxfile.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py delete mode 100644 owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json delete mode 100644 owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py delete mode 100644 owl-bot-staging/v1beta1/setup.py delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.10.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.11.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.7.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.8.txt delete mode 100644 owl-bot-staging/v1beta1/testing/constraints-3.9.txt delete mode 100644 owl-bot-staging/v1beta1/tests/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py delete mode 100644 owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py diff --git a/docs/binaryauthorization_v1/types.rst b/docs/binaryauthorization_v1/types.rst index f693b22..31fd1da 100644 --- a/docs/binaryauthorization_v1/types.rst +++ b/docs/binaryauthorization_v1/types.rst @@ -3,5 +3,4 @@ Types for Google Cloud Binaryauthorization v1 API .. automodule:: google.cloud.binaryauthorization_v1.types :members: - :undoc-members: :show-inheritance: diff --git a/docs/binaryauthorization_v1beta1/types.rst b/docs/binaryauthorization_v1beta1/types.rst index aa0d435..3b8ecee 100644 --- a/docs/binaryauthorization_v1beta1/types.rst +++ b/docs/binaryauthorization_v1beta1/types.rst @@ -3,5 +3,4 @@ Types for Google Cloud Binaryauthorization v1beta1 API .. automodule:: google.cloud.binaryauthorization_v1beta1.types :members: - :undoc-members: :show-inheritance: diff --git a/owl-bot-staging/v1/.coveragerc b/owl-bot-staging/v1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1/.flake8 b/owl-bot-staging/v1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1/MANIFEST.in b/owl-bot-staging/v1/MANIFEST.in deleted file mode 100644 index 25c03c6..0000000 --- a/owl-bot-staging/v1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1 *.py diff --git a/owl-bot-staging/v1/README.rst b/owl-bot-staging/v1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst deleted file mode 100644 index 1d11618..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/binauthz_management_service_v1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1 ---------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst deleted file mode 100644 index d8423c9..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/services.rst +++ /dev/null @@ -1,8 +0,0 @@ -Services for Google Cloud Binaryauthorization v1 API -==================================================== -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1 - system_policy_v1 - validation_helper_v1 diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst deleted file mode 100644 index da7e2d4..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/system_policy_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1 --------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.system_policy_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst deleted file mode 100644 index 31fd1da..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/types.rst +++ /dev/null @@ -1,6 +0,0 @@ -Types for Google Cloud Binaryauthorization v1 API -================================================= - -.. automodule:: google.cloud.binaryauthorization_v1.types - :members: - :show-inheritance: diff --git a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst b/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst deleted file mode 100644 index 5d92ddc..0000000 --- a/owl-bot-staging/v1/docs/binaryauthorization_v1/validation_helper_v1.rst +++ /dev/null @@ -1,6 +0,0 @@ -ValidationHelperV1 ------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1.services.validation_helper_v1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1/docs/conf.py b/owl-bot-staging/v1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1/docs/index.rst b/owl-bot-staging/v1/docs/index.rst deleted file mode 100644 index 5c33d39..0000000 --- a/owl-bot-staging/v1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1/services - binaryauthorization_v1/types diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index cd87c27..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,71 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ValidationHelperV1AsyncClient - -from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1.types.resources import Attestor -from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1.types.resources import Policy -from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote -from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceRequest -from google.cloud.binaryauthorization_v1.types.service import ValidateAttestationOccurrenceResponse - -__all__ = ('BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py deleted file mode 100644 index 4a0253e..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,72 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from .services.system_policy_v1 import SystemPolicyV1Client -from .services.system_policy_v1 import SystemPolicyV1AsyncClient -from .services.validation_helper_v1 import ValidationHelperV1Client -from .services.validation_helper_v1 import ValidationHelperV1AsyncClient - -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedGrafeasNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest -from .types.service import ValidateAttestationOccurrenceRequest -from .types.service import ValidateAttestationOccurrenceResponse - -__all__ = ( - 'BinauthzManagementServiceV1AsyncClient', - 'SystemPolicyV1AsyncClient', - 'ValidationHelperV1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Client', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedGrafeasNote', -'ValidateAttestationOccurrenceRequest', -'ValidateAttestationOccurrenceResponse', -'ValidationHelperV1Client', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json deleted file mode 100644 index 1d349e7..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/gapic_metadata.json +++ /dev/null @@ -1,141 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1", - "protoPackage": "google.cloud.binaryauthorization.v1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - }, - "ValidationHelperV1": { - "clients": { - "grpc": { - "libraryClient": "ValidationHelperV1Client", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - }, - "grpc-async": { - "libraryClient": "ValidationHelperV1AsyncClient", - "rpcs": { - "ValidateAttestationOccurrence": { - "methods": [ - "validate_attestation_occurrence" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py deleted file mode 100644 index eb79aec..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Client -from .async_client import BinauthzManagementServiceV1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Client', - 'BinauthzManagementServiceV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py deleted file mode 100644 index f528e30..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py +++ /dev/null @@ -1,1057 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Client - - -class BinauthzManagementServiceV1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - _client: BinauthzManagementServiceV1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_info.__func__(BinauthzManagementServiceV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Client.from_service_account_file.__func__(BinauthzManagementServiceV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Client).get_transport_class, type(BinauthzManagementServiceV1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py deleted file mode 100644 index 0fbbe00..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ /dev/null @@ -1,1225 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[BinauthzManagementServiceV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Client(metaclass=BinauthzManagementServiceV1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, BinauthzManagementServiceV1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Transport): - # transport is a BinauthzManagementServiceV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py deleted file mode 100644 index 2c7aa53..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py deleted file mode 100644 index 7ab66d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Transport -from .grpc import BinauthzManagementServiceV1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Transport', - 'BinauthzManagementServiceV1GrpcTransport', - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py deleted file mode 100644 index 8b1f99d..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py deleted file mode 100644 index d585f2d..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py +++ /dev/null @@ -1,465 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): - """gRPC backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py deleted file mode 100644 index 4b785bf..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,464 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1GrpcTransport - - -class BinauthzManagementServiceV1GrpcAsyncIOTransport(BinauthzManagementServiceV1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1.Policy] specifies - the [attestors][google.cloud.binaryauthorization.v1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the [policy][google.cloud.binaryauthorization.v1.Policy] - for this project. Returns a default - [policy][google.cloud.binaryauthorization.v1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1.Policy]. A policy - is always updated as a whole, to avoid race conditions with - concurrent policy enforcement (or management!) requests. Returns - NOT_FOUND if the project does not exist, INVALID_ARGUMENT if the - request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1.Attestor], and - returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the [attestor][google.cloud.binaryauthorization.v1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists [attestors][google.cloud.binaryauthorization.v1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1.Attestor] does - not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py deleted file mode 100644 index 61a11e8..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Client -from .async_client import SystemPolicyV1AsyncClient - -__all__ = ( - 'SystemPolicyV1Client', - 'SystemPolicyV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py deleted file mode 100644 index 1d2b8ea..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py +++ /dev/null @@ -1,308 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport -from .client import SystemPolicyV1Client - - -class SystemPolicyV1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_info.__func__(SystemPolicyV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1AsyncClient: The constructed client. - """ - return SystemPolicyV1Client.from_service_account_file.__func__(SystemPolicyV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Client).get_transport_class, type(SystemPolicyV1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py deleted file mode 100644 index 9eba291..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ /dev/null @@ -1,509 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -class SystemPolicyV1ClientMeta(type): - """Metaclass for the SystemPolicyV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] - _transport_registry["grpc"] = SystemPolicyV1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[SystemPolicyV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Client(metaclass=SystemPolicyV1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, SystemPolicyV1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Transport): - # transport is a SystemPolicyV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.Policy: - A [policy][google.cloud.binaryauthorization.v1.Policy] - for container image binary authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py deleted file mode 100644 index feea8d2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Transport -from .grpc import SystemPolicyV1GrpcTransport -from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] -_transport_registry['grpc'] = SystemPolicyV1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Transport', - 'SystemPolicyV1GrpcTransport', - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py deleted file mode 100644 index ab3d729..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py deleted file mode 100644 index 61d64c9..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): - """gRPC backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py deleted file mode 100644 index 3a0e56c..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1GrpcTransport - - -class SystemPolicyV1GrpcAsyncIOTransport(SystemPolicyV1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.SystemPolicyV1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py deleted file mode 100644 index 5a441c1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import ValidationHelperV1Client -from .async_client import ValidationHelperV1AsyncClient - -__all__ = ( - 'ValidationHelperV1Client', - 'ValidationHelperV1AsyncClient', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py deleted file mode 100644 index e6b4ad4..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py +++ /dev/null @@ -1,285 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport -from .client import ValidationHelperV1Client - - -class ValidationHelperV1AsyncClient: - """BinAuthz Attestor verification""" - - _client: ValidationHelperV1Client - - DEFAULT_ENDPOINT = ValidationHelperV1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = ValidationHelperV1Client.DEFAULT_MTLS_ENDPOINT - - common_billing_account_path = staticmethod(ValidationHelperV1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(ValidationHelperV1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(ValidationHelperV1Client.common_folder_path) - parse_common_folder_path = staticmethod(ValidationHelperV1Client.parse_common_folder_path) - common_organization_path = staticmethod(ValidationHelperV1Client.common_organization_path) - parse_common_organization_path = staticmethod(ValidationHelperV1Client.parse_common_organization_path) - common_project_path = staticmethod(ValidationHelperV1Client.common_project_path) - parse_common_project_path = staticmethod(ValidationHelperV1Client.parse_common_project_path) - common_location_path = staticmethod(ValidationHelperV1Client.common_location_path) - parse_common_location_path = staticmethod(ValidationHelperV1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_info.__func__(ValidationHelperV1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1AsyncClient: The constructed client. - """ - return ValidationHelperV1Client.from_service_account_file.__func__(ValidationHelperV1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return ValidationHelperV1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(ValidationHelperV1Client).get_transport_class, type(ValidationHelperV1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, ValidationHelperV1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = ValidationHelperV1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def validate_attestation_occurrence(self, - request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.validate_attestation_occurrence, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1AsyncClient", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py deleted file mode 100644 index d4d3744..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ /dev/null @@ -1,478 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import ValidationHelperV1GrpcTransport -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -class ValidationHelperV1ClientMeta(type): - """Metaclass for the ValidationHelperV1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] - _transport_registry["grpc"] = ValidationHelperV1GrpcTransport - _transport_registry["grpc_asyncio"] = ValidationHelperV1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[ValidationHelperV1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class ValidationHelperV1Client(metaclass=ValidationHelperV1ClientMeta): - """BinAuthz Attestor verification""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - ValidationHelperV1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> ValidationHelperV1Transport: - """Returns the transport used by the client instance. - - Returns: - ValidationHelperV1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, ValidationHelperV1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the validation helper v1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ValidationHelperV1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, ValidationHelperV1Transport): - # transport is a ValidationHelperV1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def validate_attestation_occurrence(self, - request: Optional[Union[service.ValidateAttestationOccurrenceRequest, dict]] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> service.ValidateAttestationOccurrenceResponse: - r"""Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1 - - def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest, dict]): - The request object. Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse: - Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - """ - # Create or coerce a protobuf request object. - # Minor optimization to avoid making a copy if the user passes - # in a service.ValidateAttestationOccurrenceRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ValidateAttestationOccurrenceRequest): - request = service.ValidateAttestationOccurrenceRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.validate_attestation_occurrence] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor", request.attestor), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "ValidationHelperV1Client", -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py deleted file mode 100644 index 09986f1..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import ValidationHelperV1Transport -from .grpc import ValidationHelperV1GrpcTransport -from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[ValidationHelperV1Transport]] -_transport_registry['grpc'] = ValidationHelperV1GrpcTransport -_transport_registry['grpc_asyncio'] = ValidationHelperV1GrpcAsyncIOTransport - -__all__ = ( - 'ValidationHelperV1Transport', - 'ValidationHelperV1GrpcTransport', - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py deleted file mode 100644 index 900d488..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py +++ /dev/null @@ -1,154 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class ValidationHelperV1Transport(abc.ABC): - """Abstract transport class for ValidationHelperV1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.validate_attestation_occurrence: gapic_v1.method.wrap_method( - self.validate_attestation_occurrence, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Union[ - service.ValidateAttestationOccurrenceResponse, - Awaitable[service.ValidateAttestationOccurrenceResponse] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'ValidationHelperV1Transport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py deleted file mode 100644 index 38bdba5..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO - - -class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): - """gRPC backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - service.ValidateAttestationOccurrenceResponse]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - ~.ValidateAttestationOccurrenceResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'ValidationHelperV1GrpcTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py deleted file mode 100644 index 468b3f2..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .grpc import ValidationHelperV1GrpcTransport - - -class ValidationHelperV1GrpcAsyncIOTransport(ValidationHelperV1Transport): - """gRPC AsyncIO backend transport for ValidationHelperV1. - - BinAuthz Attestor verification - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def validate_attestation_occurrence(self) -> Callable[ - [service.ValidateAttestationOccurrenceRequest], - Awaitable[service.ValidateAttestationOccurrenceResponse]]: - r"""Return a callable for the validate attestation - occurrence method over gRPC. - - Returns whether the given Attestation for the given - image URI was signed by the given Attestor - - Returns: - Callable[[~.ValidateAttestationOccurrenceRequest], - Awaitable[~.ValidateAttestationOccurrenceResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'validate_attestation_occurrence' not in self._stubs: - self._stubs['validate_attestation_occurrence'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1.ValidationHelperV1/ValidateAttestationOccurrence', - request_serializer=service.ValidateAttestationOccurrenceRequest.serialize, - response_deserializer=service.ValidateAttestationOccurrenceResponse.deserialize, - ) - return self._stubs['validate_attestation_occurrence'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'ValidationHelperV1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py deleted file mode 100644 index cddd9b9..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedGrafeasNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, - ValidateAttestationOccurrenceRequest, - ValidateAttestationOccurrenceResponse, -) - -__all__ = ( - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedGrafeasNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', -) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py deleted file mode 100644 index 8c3e400..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/resources.py +++ /dev/null @@ -1,463 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedGrafeasNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1.Policy] for container - image binary authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: [a-z.-]+, e.g. 'some-namespace' - kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. 'test-ns:default' - istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1.types.AdmissionRule]): - Optional. Per-istio-service-identity - admission rules. Istio service identity spec - format: - spiffe:///ns//sa/ - or /ns//sa/ - e.g. spiffe://example.com/ns/test-ns/sa/default - default_admission_rule (google.cloud.binaryauthorization_v1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule: 'AdmissionRule' = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - wildcard, but this is allowed only in text after the - ``registry/`` part. This also supports a trailing ``**`` - wildcard which matches subdirectories of a given entry. - """ - - name_pattern: str = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1.AdmissionRule] specifies - either that all container images used in a pod creation request must - be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1.Attestor], that all - pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (MutableSequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode: EvaluationMode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by: MutableSequence[str] = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode: EnforcementMode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1.Attestor] that - attests to container image artifacts. An existing attestor cannot be - modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_grafeas_note (google.cloud.binaryauthorization_v1.types.UserOwnedGrafeasNote): - This specifies how an attestation will be - read, and how it will be used during policy - enforcement. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - user_owned_grafeas_note: 'UserOwnedGrafeasNote' = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedGrafeasNote', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedGrafeasNote(proto.Message): - r"""An [user owned Grafeas - note][google.cloud.binaryauthorization.v1.UserOwnedGrafeasNote] - references a Grafeas Attestation.Authority Note created by the user. - - Attributes: - note_reference (str): - Required. The Grafeas resource name of a - Attestation.Authority Note, created by the user, in the - format: ``projects/*/notes/*``. This field may not be - updated. - - An attestation by this attestor is stored as a Grafeas - Attestation.Authority Occurrence that names a container - image and that links to this Note. Grafeas is an external - dependency. - public_keys (MutableSequence[google.cloud.binaryauthorization_v1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference: str = proto.Field( - proto.STRING, - number=1, - ) - public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email: str = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem: str = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm: SignatureAlgorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that - will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment: str = proto.Field( - proto.STRING, - number=1, - ) - id: str = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key: str = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key: 'PkixPublicKey' = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py b/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py deleted file mode 100644 index b05cf8b..0000000 --- a/owl-bot-staging/v1/google/cloud/binaryauthorization_v1/types/service.py +++ /dev/null @@ -1,319 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from grafeas.v1 import attestation_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - 'ValidateAttestationOccurrenceRequest', - 'ValidateAttestationOccurrenceResponse', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1.Policy] value. - The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1.Policy.name] field - with the resource name in the request URL, in the format - ``projects/*/policy``. - """ - - policy: resources.Policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - attestor_id: str = proto.Field( - proto.STRING, - number=2, - ) - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1.Attestor] to - retrieve, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - page_size: int = proto.Field( - proto.INT32, - number=2, - ) - page_token: str = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (MutableSequence[google.cloud.binaryauthorization_v1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token: str = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1.Attestor] to - delete, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class ValidateAttestationOccurrenceRequest(proto.Message): - r"""Request message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - attestor (str): - Required. The resource name of the - [Attestor][google.cloud.binaryauthorization.v1.Attestor] of - the [occurrence][grafeas.v1.Occurrence], in the format - ``projects/*/attestors/*``. - attestation (grafeas.v1.attestation_pb2.AttestationOccurrence): - Required. An - [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to - be checked that it can be verified by the Attestor. It does - not have to be an existing entity in Container Analysis. It - must otherwise be a valid AttestationOccurrence. - occurrence_note (str): - Required. The resource name of the [Note][grafeas.v1.Note] - to which the containing [Occurrence][grafeas.v1.Occurrence] - is associated. - occurrence_resource_uri (str): - Required. The URI of the artifact (e.g. container image) - that is the subject of the containing - [Occurrence][grafeas.v1.Occurrence]. - """ - - attestor: str = proto.Field( - proto.STRING, - number=1, - ) - attestation: attestation_pb2.AttestationOccurrence = proto.Field( - proto.MESSAGE, - number=2, - message=attestation_pb2.AttestationOccurrence, - ) - occurrence_note: str = proto.Field( - proto.STRING, - number=3, - ) - occurrence_resource_uri: str = proto.Field( - proto.STRING, - number=4, - ) - - -class ValidateAttestationOccurrenceResponse(proto.Message): - r"""Response message for - [ValidationHelperV1.ValidateAttestationOccurrence][google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence]. - - Attributes: - result (google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse.Result): - The result of the Attestation validation. - denial_reason (str): - The reason for denial if the Attestation - couldn't be validated. - """ - class Result(proto.Enum): - r"""The enum returned in the "result" field.""" - RESULT_UNSPECIFIED = 0 - VERIFIED = 1 - ATTESTATION_NOT_VERIFIABLE = 2 - - result: Result = proto.Field( - proto.ENUM, - number=1, - enum=Result, - ) - denial_reason: str = proto.Field( - proto.STRING, - number=2, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1/mypy.ini b/owl-bot-staging/v1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1/noxfile.py b/owl-bot-staging/v1/noxfile.py deleted file mode 100644 index 9dee1a0..0000000 --- a/owl-bot-staging/v1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py deleted file mode 100644 index 42f52bc..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py deleted file mode 100644 index e51ea8d..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py deleted file mode 100644 index 42c7afa..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py deleted file mode 100644 index e435188..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py deleted file mode 100644 index 61dbe83..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py deleted file mode 100644 index 7272538..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py deleted file mode 100644 index 287a39f..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py deleted file mode 100644 index 108d76c..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py deleted file mode 100644 index 2670d1a..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py deleted file mode 100644 index d7eecc9..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py deleted file mode 100644 index 8f0bd69..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py deleted file mode 100644 index 38073e4..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1.Attestor() - attestor.user_owned_grafeas_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py deleted file mode 100644 index 12fc571..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py deleted file mode 100644 index d1ce288..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1.BinauthzManagementServiceV1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py deleted file mode 100644 index 3458ff1..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py deleted file mode 100644 index 9d84367..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1.SystemPolicyV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py deleted file mode 100644 index 248502b..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -async def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = await client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async] diff --git a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py b/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py deleted file mode 100644 index 44cb427..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py +++ /dev/null @@ -1,54 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ValidateAttestationOccurrence -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1 - - -def sample_validate_attestation_occurrence(): - # Create a client - client = binaryauthorization_v1.ValidationHelperV1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1.ValidateAttestationOccurrenceRequest( - attestor="attestor_value", - occurrence_note="occurrence_note_value", - occurrence_resource_uri="occurrence_resource_uri_value", - ) - - # Make the request - response = client.validate_attestation_occurrence(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync] diff --git a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json b/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json deleted file mode 100644 index 6d29a4e..0000000 --- a/owl-bot-staging/v1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json +++ /dev/null @@ -1,1466 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization", - "version": "0.1.0" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", - "shortName": "SystemPolicyV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", - "shortName": "SystemPolicyV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", - "shortName": "ValidationHelperV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", - "shortName": "ValidationHelperV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py b/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py deleted file mode 100644 index 62deb91..0000000 --- a/owl-bot-staging/v1/scripts/fixup_binaryauthorization_v1_keywords.py +++ /dev/null @@ -1,184 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - 'validate_attestation_occurrence': ('attestor', 'attestation', 'occurrence_note', 'occurrence_resource_uri', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1/setup.py b/owl-bot-staging/v1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1/testing/constraints-3.10.txt b/owl-bot-staging/v1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.11.txt b/owl-bot-staging/v1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.7.txt b/owl-bot-staging/v1/testing/constraints-3.7.txt deleted file mode 100644 index 6f3158c..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.7.txt +++ /dev/null @@ -1,9 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1/testing/constraints-3.8.txt b/owl-bot-staging/v1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/testing/constraints-3.9.txt b/owl-bot-staging/v1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1/tests/__init__.py b/owl-bot-staging/v1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/__init__.py b/owl-bot-staging/v1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py deleted file mode 100644 index d628bd1..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1AsyncClient -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import pagers -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Client, "grpc"), - (BinauthzManagementServiceV1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Client, BinauthzManagementServiceV1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Client)) -@mock.patch.object(BinauthzManagementServiceV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1AsyncClient)) -def test_binauthz_management_service_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_grafeas_note=resources.UserOwnedGrafeasNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1GrpcTransport, - ) - -def test_binauthz_management_service_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.transports.BinauthzManagementServiceV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1GrpcTransport, - transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1GrpcTransport, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Client, transports.BinauthzManagementServiceV1GrpcTransport), - (BinauthzManagementServiceV1AsyncClient, transports.BinauthzManagementServiceV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py deleted file mode 100644 index 39f62c7..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1AsyncClient -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import SystemPolicyV1Client -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1GrpcTransport, "grpc"), - (transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Client, "grpc"), - (SystemPolicyV1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_client_get_transport_class(): - transport = SystemPolicyV1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "true"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", "false"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Client, SystemPolicyV1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Client)) -@mock.patch.object(SystemPolicyV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1AsyncClient)) -def test_system_policy_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc"), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1GrpcTransport, - ) - -def test_system_policy_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.system_policy_v1.transports.SystemPolicyV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1GrpcTransport, - transports.SystemPolicyV1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_no_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_host_with_port(transport_name): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1GrpcTransport, transports.SystemPolicyV1GrpcAsyncIOTransport]) -def test_system_policy_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Client, transports.SystemPolicyV1GrpcTransport), - (SystemPolicyV1AsyncClient, transports.SystemPolicyV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py deleted file mode 100644 index 837321c..0000000 --- a/owl-bot-staging/v1/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py +++ /dev/null @@ -1,1293 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1AsyncClient -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ValidationHelperV1Client -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from grafeas.v1 import attestation_pb2 # type: ignore -from grafeas.v1 import common_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert ValidationHelperV1Client._get_default_mtls_endpoint(None) is None - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert ValidationHelperV1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.ValidationHelperV1GrpcTransport, "grpc"), - (transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (ValidationHelperV1Client, "grpc"), - (ValidationHelperV1AsyncClient, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_validation_helper_v1_client_get_transport_class(): - transport = ValidationHelperV1Client.get_transport_class() - available_transports = [ - transports.ValidationHelperV1GrpcTransport, - ] - assert transport in available_transports - - transport = ValidationHelperV1Client.get_transport_class("grpc") - assert transport == transports.ValidationHelperV1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(ValidationHelperV1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "true"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", "false"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_validation_helper_v1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - ValidationHelperV1Client, ValidationHelperV1AsyncClient -]) -@mock.patch.object(ValidationHelperV1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1Client)) -@mock.patch.object(ValidationHelperV1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(ValidationHelperV1AsyncClient)) -def test_validation_helper_v1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc"), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_validation_helper_v1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_validation_helper_v1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = ValidationHelperV1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport, "grpc", grpc_helpers), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_validation_helper_v1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.ValidateAttestationOccurrenceRequest, - dict, -]) -def test_validate_attestation_occurrence(request_type, transport: str = 'grpc'): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - ) - response = client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -def test_validate_attestation_occurrence_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - client.validate_attestation_occurrence() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async(transport: str = 'grpc_asyncio', request_type=service.ValidateAttestationOccurrenceRequest): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse( - result=service.ValidateAttestationOccurrenceResponse.Result.VERIFIED, - denial_reason='denial_reason_value', - )) - response = await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ValidateAttestationOccurrenceRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, service.ValidateAttestationOccurrenceResponse) - assert response.result == service.ValidateAttestationOccurrenceResponse.Result.VERIFIED - assert response.denial_reason == 'denial_reason_value' - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_async_from_dict(): - await test_validate_attestation_occurrence_async(request_type=dict) - - -def test_validate_attestation_occurrence_field_headers(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = service.ValidateAttestationOccurrenceResponse() - client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_validate_attestation_occurrence_field_headers_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ValidateAttestationOccurrenceRequest() - - request.attestor = 'attestor_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.validate_attestation_occurrence), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ValidateAttestationOccurrenceResponse()) - await client.validate_attestation_occurrence(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor=attestor_value', - ) in kw['metadata'] - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = ValidationHelperV1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = ValidationHelperV1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.ValidationHelperV1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = ValidationHelperV1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.ValidationHelperV1GrpcTransport, - ) - -def test_validation_helper_v1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_validation_helper_v1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.ValidationHelperV1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'validate_attestation_occurrence', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_validation_helper_v1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_validation_helper_v1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1.services.validation_helper_v1.transports.ValidationHelperV1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.ValidationHelperV1Transport() - adc.assert_called_once() - - -def test_validation_helper_v1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - ValidationHelperV1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.ValidationHelperV1GrpcTransport, - transports.ValidationHelperV1GrpcAsyncIOTransport, - ], -) -def test_validation_helper_v1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.ValidationHelperV1GrpcTransport, grpc_helpers), - (transports.ValidationHelperV1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_validation_helper_v1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_no_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_validation_helper_v1_host_with_port(transport_name): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_validation_helper_v1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_validation_helper_v1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.ValidationHelperV1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.ValidationHelperV1GrpcTransport, transports.ValidationHelperV1GrpcAsyncIOTransport]) -def test_validation_helper_v1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_common_billing_account_path(): - billing_account = "squid" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = ValidationHelperV1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "clam", - } - path = ValidationHelperV1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "whelk" - expected = "folders/{folder}".format(folder=folder, ) - actual = ValidationHelperV1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "octopus", - } - path = ValidationHelperV1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "oyster" - expected = "organizations/{organization}".format(organization=organization, ) - actual = ValidationHelperV1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "nudibranch", - } - path = ValidationHelperV1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "cuttlefish" - expected = "projects/{project}".format(project=project, ) - actual = ValidationHelperV1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "mussel", - } - path = ValidationHelperV1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "winkle" - location = "nautilus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = ValidationHelperV1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "scallop", - "location": "abalone", - } - path = ValidationHelperV1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = ValidationHelperV1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.ValidationHelperV1Transport, '_prep_wrapped_messages') as prep: - transport_class = ValidationHelperV1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = ValidationHelperV1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = ValidationHelperV1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (ValidationHelperV1Client, transports.ValidationHelperV1GrpcTransport), - (ValidationHelperV1AsyncClient, transports.ValidationHelperV1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/.coveragerc b/owl-bot-staging/v1beta1/.coveragerc deleted file mode 100644 index 95c4014..0000000 --- a/owl-bot-staging/v1beta1/.coveragerc +++ /dev/null @@ -1,17 +0,0 @@ -[run] -branch = True - -[report] -show_missing = True -omit = - google/cloud/binaryauthorization/__init__.py -exclude_lines = - # Re-enable the standard pragma - pragma: NO COVER - # Ignore debug-only repr - def __repr__ - # Ignore pkg_resources exceptions. - # This is added at the module level as a safeguard for if someone - # generates the code and tries to run it without pip installing. This - # makes it virtually impossible to test properly. - except pkg_resources.DistributionNotFound diff --git a/owl-bot-staging/v1beta1/.flake8 b/owl-bot-staging/v1beta1/.flake8 deleted file mode 100644 index 29227d4..0000000 --- a/owl-bot-staging/v1beta1/.flake8 +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generated by synthtool. DO NOT EDIT! -[flake8] -ignore = E203, E266, E501, W503 -exclude = - # Exclude generated code. - **/proto/** - **/gapic/** - **/services/** - **/types/** - *_pb2.py - - # Standard linting exemptions. - **/.nox/** - __pycache__, - .git, - *.pyc, - conf.py diff --git a/owl-bot-staging/v1beta1/MANIFEST.in b/owl-bot-staging/v1beta1/MANIFEST.in deleted file mode 100644 index dcb06b9..0000000 --- a/owl-bot-staging/v1beta1/MANIFEST.in +++ /dev/null @@ -1,2 +0,0 @@ -recursive-include google/cloud/binaryauthorization *.py -recursive-include google/cloud/binaryauthorization_v1beta1 *.py diff --git a/owl-bot-staging/v1beta1/README.rst b/owl-bot-staging/v1beta1/README.rst deleted file mode 100644 index 3e96e33..0000000 --- a/owl-bot-staging/v1beta1/README.rst +++ /dev/null @@ -1,49 +0,0 @@ -Python Client for Google Cloud Binaryauthorization API -================================================= - -Quick Start ------------ - -In order to use this library, you first need to go through the following steps: - -1. `Select or create a Cloud Platform project.`_ -2. `Enable billing for your project.`_ -3. Enable the Google Cloud Binaryauthorization API. -4. `Setup Authentication.`_ - -.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project -.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project -.. _Setup Authentication.: https://googleapis.dev/python/google-api-core/latest/auth.html - -Installation -~~~~~~~~~~~~ - -Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to -create isolated Python environments. The basic problem it addresses is one of -dependencies and versions, and indirectly permissions. - -With `virtualenv`_, it's possible to install this library without needing system -install permissions, and without clashing with the installed system -dependencies. - -.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/ - - -Mac/Linux -^^^^^^^^^ - -.. code-block:: console - - python3 -m venv - source /bin/activate - /bin/pip install /path/to/library - - -Windows -^^^^^^^ - -.. code-block:: console - - python3 -m venv - \Scripts\activate - \Scripts\pip.exe install \path\to\library diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst deleted file mode 100644 index 22016d0..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/binauthz_management_service_v1_beta1.rst +++ /dev/null @@ -1,10 +0,0 @@ -BinauthzManagementServiceV1Beta1 --------------------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 - :members: - :inherited-members: - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst deleted file mode 100644 index 0d0e455..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/services.rst +++ /dev/null @@ -1,7 +0,0 @@ -Services for Google Cloud Binaryauthorization v1beta1 API -========================================================= -.. toctree:: - :maxdepth: 2 - - binauthz_management_service_v1_beta1 - system_policy_v1_beta1 diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst deleted file mode 100644 index 70a68bc..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/system_policy_v1_beta1.rst +++ /dev/null @@ -1,6 +0,0 @@ -SystemPolicyV1Beta1 -------------------------------------- - -.. automodule:: google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 - :members: - :inherited-members: diff --git a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst b/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst deleted file mode 100644 index 3b8ecee..0000000 --- a/owl-bot-staging/v1beta1/docs/binaryauthorization_v1beta1/types.rst +++ /dev/null @@ -1,6 +0,0 @@ -Types for Google Cloud Binaryauthorization v1beta1 API -====================================================== - -.. automodule:: google.cloud.binaryauthorization_v1beta1.types - :members: - :show-inheritance: diff --git a/owl-bot-staging/v1beta1/docs/conf.py b/owl-bot-staging/v1beta1/docs/conf.py deleted file mode 100644 index feecefc..0000000 --- a/owl-bot-staging/v1beta1/docs/conf.py +++ /dev/null @@ -1,376 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -# google-cloud-binaryauthorization documentation build configuration file -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -sys.path.insert(0, os.path.abspath("..")) - -__version__ = "0.1.0" - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -needs_sphinx = "4.0.1" - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - "sphinx.ext.autodoc", - "sphinx.ext.autosummary", - "sphinx.ext.intersphinx", - "sphinx.ext.coverage", - "sphinx.ext.napoleon", - "sphinx.ext.todo", - "sphinx.ext.viewcode", -] - -# autodoc/autosummary flags -autoclass_content = "both" -autodoc_default_flags = ["members"] -autosummary_generate = True - - -# Add any paths that contain templates here, relative to this directory. -templates_path = ["_templates"] - -# Allow markdown includes (so releases.md can include CHANGLEOG.md) -# http://www.sphinx-doc.org/en/master/markdown.html -source_parsers = {".md": "recommonmark.parser.CommonMarkParser"} - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = [".rst", ".md"] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The root toctree document. -root_doc = "index" - -# General information about the project. -project = u"google-cloud-binaryauthorization" -copyright = u"2022, Google, LLC" -author = u"Google APIs" # TODO: autogenerate this bit - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The full version, including alpha/beta/rc tags. -release = __version__ -# The short X.Y version. -version = ".".join(release.split(".")[0:2]) - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -# today = '' -# Else, today_fmt is used as the format for a strftime call. -# today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ["_build"] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -# default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -# add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -# add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -# show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = "sphinx" - -# A list of ignored prefixes for module index sorting. -# modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -# keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = True - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = "alabaster" - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -html_theme_options = { - "description": "Google Cloud Client Libraries for Python", - "github_user": "googleapis", - "github_repo": "google-cloud-python", - "github_banner": True, - "font_family": "'Roboto', Georgia, sans", - "head_font_family": "'Roboto', Georgia, serif", - "code_font_family": "'Roboto Mono', 'Consolas', monospace", -} - -# Add any paths that contain custom themes here, relative to this directory. -# html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -# html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -# html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -# html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -# html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ["_static"] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -# html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -# html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -# html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -# html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -# html_additional_pages = {} - -# If false, no module index is generated. -# html_domain_indices = True - -# If false, no index is generated. -# html_use_index = True - -# If true, the index is split into individual pages for each letter. -# html_split_index = False - -# If true, links to the reST sources are added to the pages. -# html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -# html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -# html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -# html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -# html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -# html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -# html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -# html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = "google-cloud-binaryauthorization-doc" - -# -- Options for warnings ------------------------------------------------------ - - -suppress_warnings = [ - # Temporarily suppress this to avoid "more than one target found for - # cross-reference" warning, which are intractable for us to avoid while in - # a mono-repo. - # See https://github.com/sphinx-doc/sphinx/blob - # /2a65ffeef5c107c19084fabdd706cdff3f52d93c/sphinx/domains/python.py#L843 - "ref.python" -] - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - # 'papersize': 'letterpaper', - # The font size ('10pt', '11pt' or '12pt'). - # 'pointsize': '10pt', - # Additional stuff for the LaTeX preamble. - # 'preamble': '', - # Latex figure (float) alignment - # 'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization.tex", - u"google-cloud-binaryauthorization Documentation", - author, - "manual", - ) -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -# latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -# latex_use_parts = False - -# If true, show page references after internal links. -# latex_show_pagerefs = False - -# If true, show URL addresses after external links. -# latex_show_urls = False - -# Documents to append as an appendix to all manuals. -# latex_appendices = [] - -# If false, no module index is generated. -# latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"Google Cloud Binaryauthorization Documentation", - [author], - 1, - ) -] - -# If true, show URL addresses after external links. -# man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ( - root_doc, - "google-cloud-binaryauthorization", - u"google-cloud-binaryauthorization Documentation", - author, - "google-cloud-binaryauthorization", - "GAPIC library for Google Cloud Binaryauthorization API", - "APIs", - ) -] - -# Documents to append as an appendix to all manuals. -# texinfo_appendices = [] - -# If false, no module index is generated. -# texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -# texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -# texinfo_no_detailmenu = False - - -# Example configuration for intersphinx: refer to the Python standard library. -intersphinx_mapping = { - "python": ("http://python.readthedocs.org/en/latest/", None), - "gax": ("https://gax-python.readthedocs.org/en/latest/", None), - "google-auth": ("https://google-auth.readthedocs.io/en/stable", None), - "google-gax": ("https://gax-python.readthedocs.io/en/latest/", None), - "google.api_core": ("https://googleapis.dev/python/google-api-core/latest/", None), - "grpc": ("https://grpc.io/grpc/python/", None), - "requests": ("http://requests.kennethreitz.org/en/stable/", None), - "proto": ("https://proto-plus-python.readthedocs.io/en/stable", None), - "protobuf": ("https://googleapis.dev/python/protobuf/latest/", None), -} - - -# Napoleon settings -napoleon_google_docstring = True -napoleon_numpy_docstring = True -napoleon_include_private_with_doc = False -napoleon_include_special_with_doc = True -napoleon_use_admonition_for_examples = False -napoleon_use_admonition_for_notes = False -napoleon_use_admonition_for_references = False -napoleon_use_ivar = False -napoleon_use_param = True -napoleon_use_rtype = True diff --git a/owl-bot-staging/v1beta1/docs/index.rst b/owl-bot-staging/v1beta1/docs/index.rst deleted file mode 100644 index 787a5eb..0000000 --- a/owl-bot-staging/v1beta1/docs/index.rst +++ /dev/null @@ -1,7 +0,0 @@ -API Reference -------------- -.. toctree:: - :maxdepth: 2 - - binaryauthorization_v1beta1/services - binaryauthorization_v1beta1/types diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py deleted file mode 100644 index ad30948..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/__init__.py +++ /dev/null @@ -1,65 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.client import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.async_client import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.client import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.async_client import SystemPolicyV1Beta1AsyncClient - -from google.cloud.binaryauthorization_v1beta1.types.continuous_validation_logging import ContinuousValidationEvent -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionRule -from google.cloud.binaryauthorization_v1beta1.types.resources import AdmissionWhitelistPattern -from google.cloud.binaryauthorization_v1beta1.types.resources import Attestor -from google.cloud.binaryauthorization_v1beta1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1beta1.types.resources import Policy -from google.cloud.binaryauthorization_v1beta1.types.resources import UserOwnedDrydockNote -from google.cloud.binaryauthorization_v1beta1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1beta1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1beta1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1beta1.types.service import UpdatePolicyRequest - -__all__ = ('BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py deleted file mode 100644 index 35859c3..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/gapic_version.py +++ /dev/null @@ -1,16 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -__version__ = "0.1.0" diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 39fdf61..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,66 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from google.cloud.binaryauthorization import gapic_version as package_version - -__version__ = package_version.__version__ - - -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from .services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient - -from .types.continuous_validation_logging import ContinuousValidationEvent -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedDrydockNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest - -__all__ = ( - 'BinauthzManagementServiceV1Beta1AsyncClient', - 'SystemPolicyV1Beta1AsyncClient', -'AdmissionRule', -'AdmissionWhitelistPattern', -'Attestor', -'AttestorPublicKey', -'BinauthzManagementServiceV1Beta1Client', -'ContinuousValidationEvent', -'CreateAttestorRequest', -'DeleteAttestorRequest', -'GetAttestorRequest', -'GetPolicyRequest', -'GetSystemPolicyRequest', -'ListAttestorsRequest', -'ListAttestorsResponse', -'PkixPublicKey', -'Policy', -'SystemPolicyV1Beta1Client', -'UpdateAttestorRequest', -'UpdatePolicyRequest', -'UserOwnedDrydockNote', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json deleted file mode 100644 index 65f5f50..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/gapic_metadata.json +++ /dev/null @@ -1,117 +0,0 @@ - { - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "python", - "libraryPackage": "google.cloud.binaryauthorization_v1beta1", - "protoPackage": "google.cloud.binaryauthorization.v1beta1", - "schema": "1.0", - "services": { - "BinauthzManagementServiceV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "BinauthzManagementServiceV1Beta1Client", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "BinauthzManagementServiceV1Beta1AsyncClient", - "rpcs": { - "CreateAttestor": { - "methods": [ - "create_attestor" - ] - }, - "DeleteAttestor": { - "methods": [ - "delete_attestor" - ] - }, - "GetAttestor": { - "methods": [ - "get_attestor" - ] - }, - "GetPolicy": { - "methods": [ - "get_policy" - ] - }, - "ListAttestors": { - "methods": [ - "list_attestors" - ] - }, - "UpdateAttestor": { - "methods": [ - "update_attestor" - ] - }, - "UpdatePolicy": { - "methods": [ - "update_policy" - ] - } - } - } - } - }, - "SystemPolicyV1Beta1": { - "clients": { - "grpc": { - "libraryClient": "SystemPolicyV1Beta1Client", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - }, - "grpc-async": { - "libraryClient": "SystemPolicyV1Beta1AsyncClient", - "rpcs": { - "GetSystemPolicy": { - "methods": [ - "get_system_policy" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed deleted file mode 100644 index 5afd9ec..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/py.typed +++ /dev/null @@ -1,2 +0,0 @@ -# Marker file for PEP 561. -# The google-cloud-binaryauthorization package uses inline types. diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py deleted file mode 100644 index e8e1c38..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/__init__.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py deleted file mode 100644 index c00aba6..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import BinauthzManagementServiceV1Beta1Client -from .async_client import BinauthzManagementServiceV1Beta1AsyncClient - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Client', - 'BinauthzManagementServiceV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py deleted file mode 100644 index b00a268..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py +++ /dev/null @@ -1,1063 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport -from .client import BinauthzManagementServiceV1Beta1Client - - -class BinauthzManagementServiceV1Beta1AsyncClient: - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - _client: BinauthzManagementServiceV1Beta1Client - - DEFAULT_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = BinauthzManagementServiceV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.attestor_path) - parse_attestor_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_attestor_path) - policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.policy_path) - parse_policy_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(BinauthzManagementServiceV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_info.__func__(BinauthzManagementServiceV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1AsyncClient: The constructed client. - """ - return BinauthzManagementServiceV1Beta1Client.from_service_account_file.__func__(BinauthzManagementServiceV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return BinauthzManagementServiceV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(BinauthzManagementServiceV1Beta1Client).get_transport_class, type(BinauthzManagementServiceV1Beta1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, BinauthzManagementServiceV1Beta1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = BinauthzManagementServiceV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (:class:`str`): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (:class:`google.cloud.binaryauthorization_v1beta1.types.Policy`): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdatePolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (:class:`str`): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (:class:`str`): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.CreateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.create_attestor, - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (:class:`str`): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (:class:`google.cloud.binaryauthorization_v1beta1.types.Attestor`): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.UpdateAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsAsyncPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (:class:`str`): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.ListAttestorsRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__aiter__` convenience method. - response = pagers.ListAttestorsAsyncPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (:class:`str`): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.DeleteAttestorRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py deleted file mode 100644 index 43d098d..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ /dev/null @@ -1,1231 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .transports.grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -class BinauthzManagementServiceV1Beta1ClientMeta(type): - """Metaclass for the BinauthzManagementServiceV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] - _transport_registry["grpc"] = BinauthzManagementServiceV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[BinauthzManagementServiceV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class BinauthzManagementServiceV1Beta1Client(metaclass=BinauthzManagementServiceV1Beta1ClientMeta): - """Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - """ - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - BinauthzManagementServiceV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> BinauthzManagementServiceV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - BinauthzManagementServiceV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def attestor_path(project: str,attestor: str,) -> str: - """Returns a fully-qualified attestor string.""" - return "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - - @staticmethod - def parse_attestor_path(path: str) -> Dict[str,str]: - """Parses a attestor path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/attestors/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, BinauthzManagementServiceV1Beta1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the binauthz management service v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, BinauthzManagementServiceV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, BinauthzManagementServiceV1Beta1Transport): - # transport is a BinauthzManagementServiceV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_policy(self, - request: Optional[Union[service.GetPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetPolicy][]. - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - to retrieve, in the format ``projects/*/policy``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetPolicyRequest): - request = service.GetPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_policy(self, - request: Optional[Union[service.UpdatePolicyRequest, dict]] = None, - *, - policy: Optional[resources.Policy] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdatePolicy][]. - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - - This corresponds to the ``policy`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([policy]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdatePolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdatePolicyRequest): - request = service.UpdatePolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if policy is not None: - request.policy = policy - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("policy.name", request.policy.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def create_attestor(self, - request: Optional[Union[service.CreateAttestorRequest, dict]] = None, - *, - parent: Optional[str] = None, - attestor_id: Optional[str] = None, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.CreateAttestor][]. - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - - This corresponds to the ``attestor_id`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent, attestor_id, attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.CreateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.CreateAttestorRequest): - request = service.CreateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - if attestor_id is not None: - request.attestor_id = attestor_id - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.create_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def get_attestor(self, - request: Optional[Union[service.GetAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.GetAttestor][]. - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetAttestorRequest): - request = service.GetAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def update_attestor(self, - request: Optional[Union[service.UpdateAttestorRequest, dict]] = None, - *, - attestor: Optional[resources.Attestor] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Attestor: - r"""Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.UpdateAttestor][]. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - - This corresponds to the ``attestor`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Attestor: - An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] that attests to container image - artifacts. An existing attestor cannot be modified - except where indicated. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([attestor]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.UpdateAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.UpdateAttestorRequest): - request = service.UpdateAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if attestor is not None: - request.attestor = attestor - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.update_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("attestor.name", request.attestor.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def list_attestors(self, - request: Optional[Union[service.ListAttestorsRequest, dict]] = None, - *, - parent: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> pagers.ListAttestorsPager: - r"""Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest, dict]): - The request object. Request message for - [BinauthzManagementService.ListAttestors][]. - parent (str): - Required. The resource name of the project associated - with the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - - This corresponds to the ``parent`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager: - Response message for - [BinauthzManagementService.ListAttestors][]. - - Iterating over this object will yield results and - resolve additional pages automatically. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([parent]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.ListAttestorsRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.ListAttestorsRequest): - request = service.ListAttestorsRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if parent is not None: - request.parent = parent - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.list_attestors] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("parent", request.parent), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # This method is paged; wrap the response in a pager, which provides - # an `__iter__` convenience method. - response = pagers.ListAttestorsPager( - method=rpc, - request=request, - response=response, - metadata=metadata, - ) - - # Done; return the response. - return response - - def delete_attestor(self, - request: Optional[Union[service.DeleteAttestorRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> None: - r"""Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest, dict]): - The request object. Request message for - [BinauthzManagementService.DeleteAttestor][]. - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.DeleteAttestorRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.DeleteAttestorRequest): - request = service.DeleteAttestorRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.delete_attestor] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "BinauthzManagementServiceV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py deleted file mode 100644 index 3d12ffa..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py +++ /dev/null @@ -1,140 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import Any, AsyncIterator, Awaitable, Callable, Sequence, Tuple, Optional, Iterator - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - - -class ListAttestorsPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__iter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__iter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., service.ListAttestorsResponse], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiate the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - def pages(self) -> Iterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = self._method(self._request, metadata=self._metadata) - yield self._response - - def __iter__(self) -> Iterator[resources.Attestor]: - for page in self.pages: - yield from page.attestors - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) - - -class ListAttestorsAsyncPager: - """A pager for iterating through ``list_attestors`` requests. - - This class thinly wraps an initial - :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` object, and - provides an ``__aiter__`` method to iterate through its - ``attestors`` field. - - If there are more pages, the ``__aiter__`` method will make additional - ``ListAttestors`` requests and continue to iterate - through the ``attestors`` field on the - corresponding responses. - - All the usual :class:`google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse` - attributes are available on the pager. If multiple requests are made, only - the most recent response is retained, and thus used for attribute lookup. - """ - def __init__(self, - method: Callable[..., Awaitable[service.ListAttestorsResponse]], - request: service.ListAttestorsRequest, - response: service.ListAttestorsResponse, - *, - metadata: Sequence[Tuple[str, str]] = ()): - """Instantiates the pager. - - Args: - method (Callable): The method that was originally called, and - which instantiated this pager. - request (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest): - The initial request object. - response (google.cloud.binaryauthorization_v1beta1.types.ListAttestorsResponse): - The initial response object. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - """ - self._method = method - self._request = service.ListAttestorsRequest(request) - self._response = response - self._metadata = metadata - - def __getattr__(self, name: str) -> Any: - return getattr(self._response, name) - - @property - async def pages(self) -> AsyncIterator[service.ListAttestorsResponse]: - yield self._response - while self._response.next_page_token: - self._request.page_token = self._response.next_page_token - self._response = await self._method(self._request, metadata=self._metadata) - yield self._response - def __aiter__(self) -> AsyncIterator[resources.Attestor]: - async def async_generator(): - async for page in self.pages: - for response in page.attestors: - yield response - - return async_generator() - - def __repr__(self) -> str: - return '{0}<{1!r}>'.format(self.__class__.__name__, self._response) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py deleted file mode 100644 index 207eade..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import BinauthzManagementServiceV1Beta1Transport -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport -from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[BinauthzManagementServiceV1Beta1Transport]] -_transport_registry['grpc'] = BinauthzManagementServiceV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', - 'BinauthzManagementServiceV1Beta1GrpcTransport', - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py deleted file mode 100644 index f623a9e..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py +++ /dev/null @@ -1,282 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class BinauthzManagementServiceV1Beta1Transport(abc.ABC): - """Abstract transport class for BinauthzManagementServiceV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_policy: gapic_v1.method.wrap_method( - self.get_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_policy: gapic_v1.method.wrap_method( - self.update_policy, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.create_attestor: gapic_v1.method.wrap_method( - self.create_attestor, - default_timeout=600.0, - client_info=client_info, - ), - self.get_attestor: gapic_v1.method.wrap_method( - self.get_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.update_attestor: gapic_v1.method.wrap_method( - self.update_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.list_attestors: gapic_v1.method.wrap_method( - self.list_attestors, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - self.delete_attestor: gapic_v1.method.wrap_method( - self.delete_attestor, - default_retry=retries.Retry( -initial=0.1,maximum=60.0,multiplier=1.3, predicate=retries.if_exception_type( - core_exceptions.DeadlineExceeded, - core_exceptions.ServiceUnavailable, - ), - deadline=600.0, - ), - default_timeout=600.0, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Union[ - resources.Attestor, - Awaitable[resources.Attestor] - ]]: - raise NotImplementedError() - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Union[ - service.ListAttestorsResponse, - Awaitable[service.ListAttestorsResponse] - ]]: - raise NotImplementedError() - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Union[ - empty_pb2.Empty, - Awaitable[empty_pb2.Empty] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py deleted file mode 100644 index 1ecdd2f..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,469 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class BinauthzManagementServiceV1Beta1GrpcTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - resources.Policy]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - resources.Policy]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - resources.Attestor]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - resources.Attestor]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - ~.Attestor]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - service.ListAttestorsResponse]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - ~.ListAttestorsResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - empty_pb2.Empty]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - ~.Empty]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index 05bf0a4..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,468 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport - - -class BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport(BinauthzManagementServiceV1Beta1Transport): - """gRPC AsyncIO backend transport for BinauthzManagementServiceV1Beta1. - - Google Cloud Management Service for Binary Authorization admission - policies and attestation authorities. - - This API implements a REST model with the following objects: - - - [Policy][google.cloud.binaryauthorization.v1beta1.Policy] - - [Attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_policy(self) -> Callable[ - [service.GetPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get policy method over gRPC. - - A [policy][google.cloud.binaryauthorization.v1beta1.Policy] - specifies the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - that must attest to a container image, before the project is - allowed to deploy that image. There is at most one policy per - project. All image admission requests are permitted if a project - has no policy. - - Gets the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - this project. Returns a default - [policy][google.cloud.binaryauthorization.v1beta1.Policy] if the - project does not have one. - - Returns: - Callable[[~.GetPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_policy' not in self._stubs: - self._stubs['get_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetPolicy', - request_serializer=service.GetPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_policy'] - - @property - def update_policy(self) -> Callable[ - [service.UpdatePolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the update policy method over gRPC. - - Creates or updates a project's - [policy][google.cloud.binaryauthorization.v1beta1.Policy], and - returns a copy of the new - [policy][google.cloud.binaryauthorization.v1beta1.Policy]. A - policy is always updated as a whole, to avoid race conditions - with concurrent policy enforcement (or management!) requests. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed. - - Returns: - Callable[[~.UpdatePolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_policy' not in self._stubs: - self._stubs['update_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdatePolicy', - request_serializer=service.UpdatePolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['update_policy'] - - @property - def create_attestor(self) -> Callable[ - [service.CreateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the create attestor method over gRPC. - - Creates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor], - and returns a copy of the new - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the project does not exist, - INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if - the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - already exists. - - Returns: - Callable[[~.CreateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'create_attestor' not in self._stubs: - self._stubs['create_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/CreateAttestor', - request_serializer=service.CreateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['create_attestor'] - - @property - def get_attestor(self) -> Callable[ - [service.GetAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the get attestor method over gRPC. - - Gets an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.GetAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_attestor' not in self._stubs: - self._stubs['get_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/GetAttestor', - request_serializer=service.GetAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['get_attestor'] - - @property - def update_attestor(self) -> Callable[ - [service.UpdateAttestorRequest], - Awaitable[resources.Attestor]]: - r"""Return a callable for the update attestor method over gRPC. - - Updates an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.UpdateAttestorRequest], - Awaitable[~.Attestor]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'update_attestor' not in self._stubs: - self._stubs['update_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/UpdateAttestor', - request_serializer=service.UpdateAttestorRequest.serialize, - response_deserializer=resources.Attestor.deserialize, - ) - return self._stubs['update_attestor'] - - @property - def list_attestors(self) -> Callable[ - [service.ListAttestorsRequest], - Awaitable[service.ListAttestorsResponse]]: - r"""Return a callable for the list attestors method over gRPC. - - Lists - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns INVALID_ARGUMENT if the project does not exist. - - Returns: - Callable[[~.ListAttestorsRequest], - Awaitable[~.ListAttestorsResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'list_attestors' not in self._stubs: - self._stubs['list_attestors'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/ListAttestors', - request_serializer=service.ListAttestorsRequest.serialize, - response_deserializer=service.ListAttestorsResponse.deserialize, - ) - return self._stubs['list_attestors'] - - @property - def delete_attestor(self) -> Callable[ - [service.DeleteAttestorRequest], - Awaitable[empty_pb2.Empty]]: - r"""Return a callable for the delete attestor method over gRPC. - - Deletes an - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - Returns NOT_FOUND if the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - does not exist. - - Returns: - Callable[[~.DeleteAttestorRequest], - Awaitable[~.Empty]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'delete_attestor' not in self._stubs: - self._stubs['delete_attestor'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1/DeleteAttestor', - request_serializer=service.DeleteAttestorRequest.serialize, - response_deserializer=empty_pb2.Empty.FromString, - ) - return self._stubs['delete_attestor'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py deleted file mode 100644 index 3fc064c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py +++ /dev/null @@ -1,22 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .client import SystemPolicyV1Beta1Client -from .async_client import SystemPolicyV1Beta1AsyncClient - -__all__ = ( - 'SystemPolicyV1Beta1Client', - 'SystemPolicyV1Beta1AsyncClient', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py deleted file mode 100644 index 5f60e3c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py +++ /dev/null @@ -1,309 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import functools -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union -import pkg_resources - -from google.api_core.client_options import ClientOptions -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport -from .client import SystemPolicyV1Beta1Client - - -class SystemPolicyV1Beta1AsyncClient: - """API for working with the system policy.""" - - _client: SystemPolicyV1Beta1Client - - DEFAULT_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_ENDPOINT - DEFAULT_MTLS_ENDPOINT = SystemPolicyV1Beta1Client.DEFAULT_MTLS_ENDPOINT - - policy_path = staticmethod(SystemPolicyV1Beta1Client.policy_path) - parse_policy_path = staticmethod(SystemPolicyV1Beta1Client.parse_policy_path) - common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.common_billing_account_path) - parse_common_billing_account_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_billing_account_path) - common_folder_path = staticmethod(SystemPolicyV1Beta1Client.common_folder_path) - parse_common_folder_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_folder_path) - common_organization_path = staticmethod(SystemPolicyV1Beta1Client.common_organization_path) - parse_common_organization_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_organization_path) - common_project_path = staticmethod(SystemPolicyV1Beta1Client.common_project_path) - parse_common_project_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_project_path) - common_location_path = staticmethod(SystemPolicyV1Beta1Client.common_location_path) - parse_common_location_path = staticmethod(SystemPolicyV1Beta1Client.parse_common_location_path) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_info.__func__(SystemPolicyV1Beta1AsyncClient, info, *args, **kwargs) # type: ignore - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1AsyncClient: The constructed client. - """ - return SystemPolicyV1Beta1Client.from_service_account_file.__func__(SystemPolicyV1Beta1AsyncClient, filename, *args, **kwargs) # type: ignore - - from_service_account_json = from_service_account_file - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - return SystemPolicyV1Beta1Client.get_mtls_endpoint_and_cert_source(client_options) # type: ignore - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client instance. - """ - return self._client.transport - - get_transport_class = functools.partial(type(SystemPolicyV1Beta1Client).get_transport_class, type(SystemPolicyV1Beta1Client)) - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Union[str, SystemPolicyV1Beta1Transport] = "grpc_asyncio", - client_options: Optional[ClientOptions] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, ~.SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (ClientOptions): Custom options for the client. It - won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - """ - self._client = SystemPolicyV1Beta1Client( - credentials=credentials, - transport=transport, - client_options=client_options, - client_info=client_info, - - ) - - async def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Optional[Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]]): - The request object. Request to read the current system - policy. - name (:class:`str`): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError("If the `request` argument is set, then none of " - "the individual field arguments should be set.") - - request = service.GetSystemPolicyRequest(request) - - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.get_system_policy, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def __aenter__(self): - return self - - async def __aexit__(self, exc_type, exc, tb): - await self.transport.close() - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1AsyncClient", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py deleted file mode 100644 index 73d2151..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ /dev/null @@ -1,510 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -import os -import re -from typing import Dict, Mapping, MutableMapping, MutableSequence, Optional, Sequence, Tuple, Type, Union, cast -import pkg_resources - -from google.api_core import client_options as client_options_lib -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport import mtls # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore -from google.oauth2 import service_account # type: ignore - -try: - OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] -except AttributeError: # pragma: NO COVER - OptionalRetry = Union[retries.Retry, object] # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc import SystemPolicyV1Beta1GrpcTransport -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -class SystemPolicyV1Beta1ClientMeta(type): - """Metaclass for the SystemPolicyV1Beta1 client. - - This provides class-level methods for building and retrieving - support objects (e.g. transport) without polluting the client instance - objects. - """ - _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] - _transport_registry["grpc"] = SystemPolicyV1Beta1GrpcTransport - _transport_registry["grpc_asyncio"] = SystemPolicyV1Beta1GrpcAsyncIOTransport - - def get_transport_class(cls, - label: Optional[str] = None, - ) -> Type[SystemPolicyV1Beta1Transport]: - """Returns an appropriate transport class. - - Args: - label: The name of the desired transport. If none is - provided, then the first transport in the registry is used. - - Returns: - The transport class to use. - """ - # If a specific transport is requested, return that one. - if label: - return cls._transport_registry[label] - - # No transport is requested; return the default (that is, the first one - # in the dictionary). - return next(iter(cls._transport_registry.values())) - - -class SystemPolicyV1Beta1Client(metaclass=SystemPolicyV1Beta1ClientMeta): - """API for working with the system policy.""" - - @staticmethod - def _get_default_mtls_endpoint(api_endpoint): - """Converts api endpoint to mTLS endpoint. - - Convert "*.sandbox.googleapis.com" and "*.googleapis.com" to - "*.mtls.sandbox.googleapis.com" and "*.mtls.googleapis.com" respectively. - Args: - api_endpoint (Optional[str]): the api endpoint to convert. - Returns: - str: converted mTLS api endpoint. - """ - if not api_endpoint: - return api_endpoint - - mtls_endpoint_re = re.compile( - r"(?P[^.]+)(?P\.mtls)?(?P\.sandbox)?(?P\.googleapis\.com)?" - ) - - m = mtls_endpoint_re.match(api_endpoint) - name, mtls, sandbox, googledomain = m.groups() - if mtls or not googledomain: - return api_endpoint - - if sandbox: - return api_endpoint.replace( - "sandbox.googleapis.com", "mtls.sandbox.googleapis.com" - ) - - return api_endpoint.replace(".googleapis.com", ".mtls.googleapis.com") - - DEFAULT_ENDPOINT = "binaryauthorization.googleapis.com" - DEFAULT_MTLS_ENDPOINT = _get_default_mtls_endpoint.__func__( # type: ignore - DEFAULT_ENDPOINT - ) - - @classmethod - def from_service_account_info(cls, info: dict, *args, **kwargs): - """Creates an instance of this client using the provided credentials - info. - - Args: - info (dict): The service account private key info. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_info(info) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - @classmethod - def from_service_account_file(cls, filename: str, *args, **kwargs): - """Creates an instance of this client using the provided credentials - file. - - Args: - filename (str): The path to the service account private key json - file. - args: Additional arguments to pass to the constructor. - kwargs: Additional arguments to pass to the constructor. - - Returns: - SystemPolicyV1Beta1Client: The constructed client. - """ - credentials = service_account.Credentials.from_service_account_file( - filename) - kwargs["credentials"] = credentials - return cls(*args, **kwargs) - - from_service_account_json = from_service_account_file - - @property - def transport(self) -> SystemPolicyV1Beta1Transport: - """Returns the transport used by the client instance. - - Returns: - SystemPolicyV1Beta1Transport: The transport used by the client - instance. - """ - return self._transport - - @staticmethod - def policy_path(project: str,) -> str: - """Returns a fully-qualified policy string.""" - return "projects/{project}/policy".format(project=project, ) - - @staticmethod - def parse_policy_path(path: str) -> Dict[str,str]: - """Parses a policy path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/policy$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_billing_account_path(billing_account: str, ) -> str: - """Returns a fully-qualified billing_account string.""" - return "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - - @staticmethod - def parse_common_billing_account_path(path: str) -> Dict[str,str]: - """Parse a billing_account path into its component segments.""" - m = re.match(r"^billingAccounts/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_folder_path(folder: str, ) -> str: - """Returns a fully-qualified folder string.""" - return "folders/{folder}".format(folder=folder, ) - - @staticmethod - def parse_common_folder_path(path: str) -> Dict[str,str]: - """Parse a folder path into its component segments.""" - m = re.match(r"^folders/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_organization_path(organization: str, ) -> str: - """Returns a fully-qualified organization string.""" - return "organizations/{organization}".format(organization=organization, ) - - @staticmethod - def parse_common_organization_path(path: str) -> Dict[str,str]: - """Parse a organization path into its component segments.""" - m = re.match(r"^organizations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_project_path(project: str, ) -> str: - """Returns a fully-qualified project string.""" - return "projects/{project}".format(project=project, ) - - @staticmethod - def parse_common_project_path(path: str) -> Dict[str,str]: - """Parse a project path into its component segments.""" - m = re.match(r"^projects/(?P.+?)$", path) - return m.groupdict() if m else {} - - @staticmethod - def common_location_path(project: str, location: str, ) -> str: - """Returns a fully-qualified location string.""" - return "projects/{project}/locations/{location}".format(project=project, location=location, ) - - @staticmethod - def parse_common_location_path(path: str) -> Dict[str,str]: - """Parse a location path into its component segments.""" - m = re.match(r"^projects/(?P.+?)/locations/(?P.+?)$", path) - return m.groupdict() if m else {} - - @classmethod - def get_mtls_endpoint_and_cert_source(cls, client_options: Optional[client_options_lib.ClientOptions] = None): - """Return the API endpoint and client cert source for mutual TLS. - - The client cert source is determined in the following order: - (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the - client cert source is None. - (2) if `client_options.client_cert_source` is provided, use the provided one; if the - default client cert source exists, use the default one; otherwise the client cert - source is None. - - The API endpoint is determined in the following order: - (1) if `client_options.api_endpoint` if provided, use the provided one. - (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the - default mTLS endpoint; if the environment variabel is "never", use the default API - endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise - use the default API endpoint. - - More details can be found at https://google.aip.dev/auth/4114. - - Args: - client_options (google.api_core.client_options.ClientOptions): Custom options for the - client. Only the `api_endpoint` and `client_cert_source` properties may be used - in this method. - - Returns: - Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the - client cert source to use. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If any errors happen. - """ - if client_options is None: - client_options = client_options_lib.ClientOptions() - use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") - use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto") - if use_client_cert not in ("true", "false"): - raise ValueError("Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`") - if use_mtls_endpoint not in ("auto", "never", "always"): - raise MutualTLSChannelError("Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`") - - # Figure out the client cert source to use. - client_cert_source = None - if use_client_cert == "true": - if client_options.client_cert_source: - client_cert_source = client_options.client_cert_source - elif mtls.has_default_client_cert_source(): - client_cert_source = mtls.default_client_cert_source() - - # Figure out which api endpoint to use. - if client_options.api_endpoint is not None: - api_endpoint = client_options.api_endpoint - elif use_mtls_endpoint == "always" or (use_mtls_endpoint == "auto" and client_cert_source): - api_endpoint = cls.DEFAULT_MTLS_ENDPOINT - else: - api_endpoint = cls.DEFAULT_ENDPOINT - - return api_endpoint, client_cert_source - - def __init__(self, *, - credentials: Optional[ga_credentials.Credentials] = None, - transport: Optional[Union[str, SystemPolicyV1Beta1Transport]] = None, - client_options: Optional[Union[client_options_lib.ClientOptions, dict]] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - ) -> None: - """Instantiates the system policy v1 beta1 client. - - Args: - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - transport (Union[str, SystemPolicyV1Beta1Transport]): The - transport to use. If set to None, a transport is chosen - automatically. - client_options (Optional[Union[google.api_core.client_options.ClientOptions, dict]]): Custom options for the - client. It won't take effect if a ``transport`` instance is provided. - (1) The ``api_endpoint`` property can be used to override the - default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT - environment variable can also be used to override the endpoint: - "always" (always use the default mTLS endpoint), "never" (always - use the default regular endpoint) and "auto" (auto switch to the - default mTLS endpoint if client certificate is present, this is - the default value). However, the ``api_endpoint`` property takes - precedence if provided. - (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable - is "true", then the ``client_cert_source`` property can be used - to provide client certificate for mutual TLS transport. If - not provided, the default SSL client certificate will be used if - present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not - set, no client certificate will be used. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - """ - if isinstance(client_options, dict): - client_options = client_options_lib.from_dict(client_options) - if client_options is None: - client_options = client_options_lib.ClientOptions() - client_options = cast(client_options_lib.ClientOptions, client_options) - - api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(client_options) - - api_key_value = getattr(client_options, "api_key", None) - if api_key_value and credentials: - raise ValueError("client_options.api_key and credentials are mutually exclusive") - - # Save or instantiate the transport. - # Ordinarily, we provide the transport, but allowing a custom transport - # instance provides an extensibility point for unusual situations. - if isinstance(transport, SystemPolicyV1Beta1Transport): - # transport is a SystemPolicyV1Beta1Transport instance. - if credentials or client_options.credentials_file or api_key_value: - raise ValueError("When providing a transport instance, " - "provide its credentials directly.") - if client_options.scopes: - raise ValueError( - "When providing a transport instance, provide its scopes " - "directly." - ) - self._transport = transport - else: - import google.auth._default # type: ignore - - if api_key_value and hasattr(google.auth._default, "get_api_key_credentials"): - credentials = google.auth._default.get_api_key_credentials(api_key_value) - - Transport = type(self).get_transport_class(transport) - self._transport = Transport( - credentials=credentials, - credentials_file=client_options.credentials_file, - host=api_endpoint, - scopes=client_options.scopes, - client_cert_source_for_mtls=client_cert_source_func, - quota_project_id=client_options.quota_project_id, - client_info=client_info, - always_use_jwt_access=True, - api_audience=client_options.api_audience, - ) - - def get_system_policy(self, - request: Optional[Union[service.GetSystemPolicyRequest, dict]] = None, - *, - name: Optional[str] = None, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: Optional[float] = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> resources.Policy: - r"""Gets the current system policy in the specified - location. - - .. code-block:: python - - # This snippet has been automatically generated and should be regarded as a - # code template only. - # It will require modifications to work: - # - It may require correct/in-range values for request initialization. - # - It may require specifying regional endpoints when creating the service - # client as shown in: - # https://googleapis.dev/python/google-api-core/latest/client_options.html - from google.cloud import binaryauthorization_v1beta1 - - def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest, dict]): - The request object. Request to read the current system - policy. - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is - not associated with a project. - - This corresponds to the ``name`` field - on the ``request`` instance; if ``request`` is provided, this - should not be set. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.binaryauthorization_v1beta1.types.Policy: - A - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - for Binary Authorization. - - """ - # Create or coerce a protobuf request object. - # Quick check: If we got a request object, we should *not* have - # gotten any keyword arguments that map to the request. - has_flattened_params = any([name]) - if request is not None and has_flattened_params: - raise ValueError('If the `request` argument is set, then none of ' - 'the individual field arguments should be set.') - - # Minor optimization to avoid making a copy if the user passes - # in a service.GetSystemPolicyRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, service.GetSystemPolicyRequest): - request = service.GetSystemPolicyRequest(request) - # If we have keyword arguments corresponding to fields on the - # request, apply these. - if name is not None: - request.name = name - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[self._transport.get_system_policy] - - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ("name", request.name), - )), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def __enter__(self): - return self - - def __exit__(self, type, value, traceback): - """Releases underlying transport's resources. - - .. warning:: - ONLY use as a context manager if the transport is NOT shared - with other clients! Exiting the with block will CLOSE the transport - and may cause errors in other clients! - """ - self.transport.close() - - - - - - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - "google-cloud-binaryauthorization", - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -__all__ = ( - "SystemPolicyV1Beta1Client", -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py deleted file mode 100644 index 2afe7f8..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py +++ /dev/null @@ -1,33 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from collections import OrderedDict -from typing import Dict, Type - -from .base import SystemPolicyV1Beta1Transport -from .grpc import SystemPolicyV1Beta1GrpcTransport -from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - - -# Compile a registry of transports. -_transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Beta1Transport]] -_transport_registry['grpc'] = SystemPolicyV1Beta1GrpcTransport -_transport_registry['grpc_asyncio'] = SystemPolicyV1Beta1GrpcAsyncIOTransport - -__all__ = ( - 'SystemPolicyV1Beta1Transport', - 'SystemPolicyV1Beta1GrpcTransport', - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py deleted file mode 100644 index 7332bfe..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py +++ /dev/null @@ -1,155 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import abc -from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources - -import google.auth # type: ignore -import google.api_core -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import retry as retries -from google.auth import credentials as ga_credentials # type: ignore -from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service - -try: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( - gapic_version=pkg_resources.get_distribution( - 'google-cloud-binaryauthorization', - ).version, - ) -except pkg_resources.DistributionNotFound: - DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo() - - -class SystemPolicyV1Beta1Transport(abc.ABC): - """Abstract transport class for SystemPolicyV1Beta1.""" - - AUTH_SCOPES = ( - 'https://www.googleapis.com/auth/cloud-platform', - ) - - DEFAULT_HOST: str = 'binaryauthorization.googleapis.com' - def __init__( - self, *, - host: str = DEFAULT_HOST, - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - **kwargs, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A list of scopes. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - """ - - scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES} - - # Save the scopes. - self._scopes = scopes - - # If no credentials are provided, then determine the appropriate - # defaults. - if credentials and credentials_file: - raise core_exceptions.DuplicateCredentialArgs("'credentials_file' and 'credentials' are mutually exclusive") - - if credentials_file is not None: - credentials, _ = google.auth.load_credentials_from_file( - credentials_file, - **scopes_kwargs, - quota_project_id=quota_project_id - ) - elif credentials is None: - credentials, _ = google.auth.default(**scopes_kwargs, quota_project_id=quota_project_id) - # Don't apply audience if the credentials file passed from user. - if hasattr(credentials, "with_gdch_audience"): - credentials = credentials.with_gdch_audience(api_audience if api_audience else host) - - # If the credentials are service account credentials, then always try to use self signed JWT. - if always_use_jwt_access and isinstance(credentials, service_account.Credentials) and hasattr(service_account.Credentials, "with_always_use_jwt_access"): - credentials = credentials.with_always_use_jwt_access(True) - - # Save the credentials. - self._credentials = credentials - - # Save the hostname. Default to port 443 (HTTPS) if none is specified. - if ':' not in host: - host += ':443' - self._host = host - - def _prep_wrapped_messages(self, client_info): - # Precompute the wrapped methods. - self._wrapped_methods = { - self.get_system_policy: gapic_v1.method.wrap_method( - self.get_system_policy, - default_timeout=None, - client_info=client_info, - ), - } - - def close(self): - """Closes resources associated with the transport. - - .. warning:: - Only call this method if the transport is NOT shared - with other clients - this may cause errors in other clients! - """ - raise NotImplementedError() - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Union[ - resources.Policy, - Awaitable[resources.Policy] - ]]: - raise NotImplementedError() - - @property - def kind(self) -> str: - raise NotImplementedError() - - -__all__ = ( - 'SystemPolicyV1Beta1Transport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py deleted file mode 100644 index bbe28c5..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py +++ /dev/null @@ -1,266 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 -import google.auth # type: ignore -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO - - -class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): - """gRPC backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - _stubs: Dict[str, Callable] - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[grpc.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional(Sequence[str])): A list of scopes. This argument is - ignored if ``channel`` is provided. - channel (Optional[grpc.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> grpc.Channel: - """Create and return a gRPC channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is mutually exclusive with credentials. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - grpc.Channel: A gRPC channel object. - - Raises: - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - - return grpc_helpers.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - @property - def grpc_channel(self) -> grpc.Channel: - """Return the channel designed to connect to this service. - """ - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - resources.Policy]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - ~.Policy]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - self.grpc_channel.close() - - @property - def kind(self) -> str: - return "grpc" - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py deleted file mode 100644 index 21bdee3..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py +++ /dev/null @@ -1,265 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import warnings -from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union - -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async -from google.auth import credentials as ga_credentials # type: ignore -from google.auth.transport.grpc import SslCredentials # type: ignore - -import grpc # type: ignore -from grpc.experimental import aio # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .grpc import SystemPolicyV1Beta1GrpcTransport - - -class SystemPolicyV1Beta1GrpcAsyncIOTransport(SystemPolicyV1Beta1Transport): - """gRPC AsyncIO backend transport for SystemPolicyV1Beta1. - - API for working with the system policy. - - This class defines the same methods as the primary client, so the - primary client can load the underlying transport implementation - and call it. - - It sends protocol buffers over the wire using gRPC (which is built on - top of HTTP/2); the ``grpcio`` package must be installed. - """ - - _grpc_channel: aio.Channel - _stubs: Dict[str, Callable] = {} - - @classmethod - def create_channel(cls, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - **kwargs) -> aio.Channel: - """Create and return a gRPC AsyncIO channel object. - Args: - host (Optional[str]): The host for the channel to use. - credentials (Optional[~.Credentials]): The - authorization credentials to attach to requests. These - credentials identify this application to the service. If - none are specified, the client will attempt to ascertain - the credentials from the environment. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - kwargs (Optional[dict]): Keyword arguments, which are passed to the - channel creation. - Returns: - aio.Channel: A gRPC AsyncIO channel object. - """ - - return grpc_helpers_async.create_channel( - host, - credentials=credentials, - credentials_file=credentials_file, - quota_project_id=quota_project_id, - default_scopes=cls.AUTH_SCOPES, - scopes=scopes, - default_host=cls.DEFAULT_HOST, - **kwargs - ) - - def __init__(self, *, - host: str = 'binaryauthorization.googleapis.com', - credentials: Optional[ga_credentials.Credentials] = None, - credentials_file: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - channel: Optional[aio.Channel] = None, - api_mtls_endpoint: Optional[str] = None, - client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, - client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, - quota_project_id: Optional[str] = None, - client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, - always_use_jwt_access: Optional[bool] = False, - api_audience: Optional[str] = None, - ) -> None: - """Instantiate the transport. - - Args: - host (Optional[str]): - The hostname to connect to. - credentials (Optional[google.auth.credentials.Credentials]): The - authorization credentials to attach to requests. These - credentials identify the application to the service; if none - are specified, the client will attempt to ascertain the - credentials from the environment. - This argument is ignored if ``channel`` is provided. - credentials_file (Optional[str]): A file with credentials that can - be loaded with :func:`google.auth.load_credentials_from_file`. - This argument is ignored if ``channel`` is provided. - scopes (Optional[Sequence[str]]): A optional list of scopes needed for this - service. These are only used when credentials are not specified and - are passed to :func:`google.auth.default`. - channel (Optional[aio.Channel]): A ``Channel`` instance through - which to make calls. - api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. - If provided, it overrides the ``host`` argument and tries to create - a mutual TLS channel with client SSL credentials from - ``client_cert_source`` or application default SSL credentials. - client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): - Deprecated. A callback to provide client SSL certificate bytes and - private key bytes, both in PEM format. It is ignored if - ``api_mtls_endpoint`` is None. - ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials - for the grpc channel. It is ignored if ``channel`` is provided. - client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): - A callback to provide client certificate bytes and private key bytes, - both in PEM format. It is used to configure a mutual TLS channel. It is - ignored if ``channel`` or ``ssl_channel_credentials`` is provided. - quota_project_id (Optional[str]): An optional project to use for billing - and quota. - client_info (google.api_core.gapic_v1.client_info.ClientInfo): - The client info used to send a user-agent string along with - API requests. If ``None``, then default info will be used. - Generally, you only need to set this if you're developing - your own client library. - always_use_jwt_access (Optional[bool]): Whether self signed JWT should - be used for service account credentials. - - Raises: - google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport - creation failed for any reason. - google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` - and ``credentials_file`` are passed. - """ - self._grpc_channel = None - self._ssl_channel_credentials = ssl_channel_credentials - self._stubs: Dict[str, Callable] = {} - - if api_mtls_endpoint: - warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) - if client_cert_source: - warnings.warn("client_cert_source is deprecated", DeprecationWarning) - - if channel: - # Ignore credentials if a channel was passed. - credentials = False - # If a channel was explicitly provided, set it. - self._grpc_channel = channel - self._ssl_channel_credentials = None - else: - if api_mtls_endpoint: - host = api_mtls_endpoint - - # Create SSL credentials with client_cert_source or application - # default SSL credentials. - if client_cert_source: - cert, key = client_cert_source() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - else: - self._ssl_channel_credentials = SslCredentials().ssl_credentials - - else: - if client_cert_source_for_mtls and not ssl_channel_credentials: - cert, key = client_cert_source_for_mtls() - self._ssl_channel_credentials = grpc.ssl_channel_credentials( - certificate_chain=cert, private_key=key - ) - - # The base transport sets the host, credentials and scopes - super().__init__( - host=host, - credentials=credentials, - credentials_file=credentials_file, - scopes=scopes, - quota_project_id=quota_project_id, - client_info=client_info, - always_use_jwt_access=always_use_jwt_access, - api_audience=api_audience, - ) - - if not self._grpc_channel: - self._grpc_channel = type(self).create_channel( - self._host, - # use the credentials which are saved - credentials=self._credentials, - # Set ``credentials_file`` to ``None`` here as - # the credentials that we saved earlier should be used. - credentials_file=None, - scopes=self._scopes, - ssl_credentials=self._ssl_channel_credentials, - quota_project_id=quota_project_id, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Wrap messages. This must be done after self._grpc_channel exists - self._prep_wrapped_messages(client_info) - - @property - def grpc_channel(self) -> aio.Channel: - """Create the channel designed to connect to this service. - - This property caches on the instance; repeated calls return - the same channel. - """ - # Return the channel from cache. - return self._grpc_channel - - @property - def get_system_policy(self) -> Callable[ - [service.GetSystemPolicyRequest], - Awaitable[resources.Policy]]: - r"""Return a callable for the get system policy method over gRPC. - - Gets the current system policy in the specified - location. - - Returns: - Callable[[~.GetSystemPolicyRequest], - Awaitable[~.Policy]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if 'get_system_policy' not in self._stubs: - self._stubs['get_system_policy'] = self.grpc_channel.unary_unary( - '/google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1/GetSystemPolicy', - request_serializer=service.GetSystemPolicyRequest.serialize, - response_deserializer=resources.Policy.deserialize, - ) - return self._stubs['get_system_policy'] - - def close(self): - return self.grpc_channel.close() - - -__all__ = ( - 'SystemPolicyV1Beta1GrpcAsyncIOTransport', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py deleted file mode 100644 index 289c81c..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/__init__.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from .continuous_validation_logging import ( - ContinuousValidationEvent, -) -from .resources import ( - AdmissionRule, - AdmissionWhitelistPattern, - Attestor, - AttestorPublicKey, - PkixPublicKey, - Policy, - UserOwnedDrydockNote, -) -from .service import ( - CreateAttestorRequest, - DeleteAttestorRequest, - GetAttestorRequest, - GetPolicyRequest, - GetSystemPolicyRequest, - ListAttestorsRequest, - ListAttestorsResponse, - UpdateAttestorRequest, - UpdatePolicyRequest, -) - -__all__ = ( - 'ContinuousValidationEvent', - 'AdmissionRule', - 'AdmissionWhitelistPattern', - 'Attestor', - 'AttestorPublicKey', - 'PkixPublicKey', - 'Policy', - 'UserOwnedDrydockNote', - 'CreateAttestorRequest', - 'DeleteAttestorRequest', - 'GetAttestorRequest', - 'GetPolicyRequest', - 'GetSystemPolicyRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'UpdateAttestorRequest', - 'UpdatePolicyRequest', -) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py deleted file mode 100644 index 85c30dd..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ /dev/null @@ -1,163 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'ContinuousValidationEvent', - }, -) - - -class ContinuousValidationEvent(proto.Message): - r"""Represents an auditing event from Continuous Validation. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - pod_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent): - Pod event. - - This field is a member of `oneof`_ ``event_type``. - unsupported_policy_event (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.UnsupportedPolicyEvent): - Unsupported policy event. - - This field is a member of `oneof`_ ``event_type``. - """ - - class ContinuousValidationPodEvent(proto.Message): - r"""An auditing event for one Pod. - - Attributes: - pod_namespace (str): - The k8s namespace of the Pod. - pod (str): - The name of the Pod. - deploy_time (google.protobuf.timestamp_pb2.Timestamp): - Deploy time of the Pod from k8s. - end_time (google.protobuf.timestamp_pb2.Timestamp): - Termination time of the Pod from k8s, or - nothing if still running. - verdict (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict): - Auditing verdict for this Pod. - images (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails]): - List of images with auditing details. - """ - class PolicyConformanceVerdict(proto.Enum): - r"""Audit time policy conformance verdict.""" - POLICY_CONFORMANCE_VERDICT_UNSPECIFIED = 0 - VIOLATES_POLICY = 1 - - class ImageDetails(proto.Message): - r"""Container image with auditing details. - - Attributes: - image (str): - The name of the image. - result (google.cloud.binaryauthorization_v1beta1.types.ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult): - The result of the audit for this image. - description (str): - Description of the above result. - """ - class AuditResult(proto.Enum): - r"""Result of the audit.""" - AUDIT_RESULT_UNSPECIFIED = 0 - ALLOW = 1 - DENY = 2 - - image: str = proto.Field( - proto.STRING, - number=1, - ) - result: 'ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult' = proto.Field( - proto.ENUM, - number=2, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails.AuditResult', - ) - description: str = proto.Field( - proto.STRING, - number=3, - ) - - pod_namespace: str = proto.Field( - proto.STRING, - number=7, - ) - pod: str = proto.Field( - proto.STRING, - number=1, - ) - deploy_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=2, - message=timestamp_pb2.Timestamp, - ) - end_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=3, - message=timestamp_pb2.Timestamp, - ) - verdict: 'ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict' = proto.Field( - proto.ENUM, - number=4, - enum='ContinuousValidationEvent.ContinuousValidationPodEvent.PolicyConformanceVerdict', - ) - images: MutableSequence['ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails'] = proto.RepeatedField( - proto.MESSAGE, - number=5, - message='ContinuousValidationEvent.ContinuousValidationPodEvent.ImageDetails', - ) - - class UnsupportedPolicyEvent(proto.Message): - r"""An event describing that the project policy is unsupported by - CV. - - Attributes: - description (str): - A description of the unsupported policy. - """ - - description: str = proto.Field( - proto.STRING, - number=1, - ) - - pod_event: ContinuousValidationPodEvent = proto.Field( - proto.MESSAGE, - number=1, - oneof='event_type', - message=ContinuousValidationPodEvent, - ) - unsupported_policy_event: UnsupportedPolicyEvent = proto.Field( - proto.MESSAGE, - number=2, - oneof='event_type', - message=UnsupportedPolicyEvent, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py deleted file mode 100644 index 8884bab..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ /dev/null @@ -1,463 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.protobuf import timestamp_pb2 # type: ignore - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'Policy', - 'AdmissionWhitelistPattern', - 'AdmissionRule', - 'Attestor', - 'UserOwnedDrydockNote', - 'PkixPublicKey', - 'AttestorPublicKey', - }, -) - - -class Policy(proto.Message): - r"""A [policy][google.cloud.binaryauthorization.v1beta1.Policy] for - Binary Authorization. - - Attributes: - name (str): - Output only. The resource name, in the format - ``projects/*/policy``. There is at most one policy per - project. - description (str): - Optional. A descriptive comment. - global_policy_evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.Policy.GlobalPolicyEvaluationMode): - Optional. Controls the evaluation of a - Google-maintained global admission policy for - common system-level images. Images not covered - by the global policy will be subject to the - project admission policy. This setting has no - effect when specified inside a global admission - policy. - admission_whitelist_patterns (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AdmissionWhitelistPattern]): - Optional. Admission policy allowlisting. A - matching admission request will always be - permitted. This feature is typically used to - exclude Google or third-party infrastructure - images from Binary Authorization policies. - cluster_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-cluster admission rules. Cluster spec format: - ``location.clusterId``. There can be at most one admission - rule per cluster spec. A ``location`` is either a compute - zone (e.g. us-central1-a) or a region (e.g. us-central1). - For ``clusterId`` syntax restrictions see - https://cloud.google.com/container-engine/reference/rest/v1/projects.zones.clusters. - kubernetes_namespace_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-namespace admission rules. K8s - namespace spec format: ``[a-z.-]+``, e.g. ``some-namespace`` - kubernetes_service_account_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-kubernetes-service-account admission rules. - Service account spec format: ``namespace:serviceaccount``. - e.g. ``test-ns:default`` - istio_service_identity_admission_rules (MutableMapping[str, google.cloud.binaryauthorization_v1beta1.types.AdmissionRule]): - Optional. Per-istio-service-identity admission rules. Istio - service identity spec format: - ``spiffe:///ns//sa/`` or - ``/ns//sa/`` e.g. - ``spiffe://example.com/ns/test-ns/sa/default`` - default_admission_rule (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule): - Required. Default admission rule for a - cluster without a per-cluster, per- - kubernetes-service-account, or - per-istio-service-identity admission rule. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the policy was last - updated. - """ - class GlobalPolicyEvaluationMode(proto.Enum): - r"""""" - GLOBAL_POLICY_EVALUATION_MODE_UNSPECIFIED = 0 - ENABLE = 1 - DISABLE = 2 - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - global_policy_evaluation_mode: GlobalPolicyEvaluationMode = proto.Field( - proto.ENUM, - number=7, - enum=GlobalPolicyEvaluationMode, - ) - admission_whitelist_patterns: MutableSequence['AdmissionWhitelistPattern'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AdmissionWhitelistPattern', - ) - cluster_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=3, - message='AdmissionRule', - ) - kubernetes_namespace_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=10, - message='AdmissionRule', - ) - kubernetes_service_account_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=8, - message='AdmissionRule', - ) - istio_service_identity_admission_rules: MutableMapping[str, 'AdmissionRule'] = proto.MapField( - proto.STRING, - proto.MESSAGE, - number=9, - message='AdmissionRule', - ) - default_admission_rule: 'AdmissionRule' = proto.Field( - proto.MESSAGE, - number=4, - message='AdmissionRule', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=5, - message=timestamp_pb2.Timestamp, - ) - - -class AdmissionWhitelistPattern(proto.Message): - r"""An [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - exempts images from checks by [admission - rules][google.cloud.binaryauthorization.v1beta1.AdmissionRule]. - - Attributes: - name_pattern (str): - An image name pattern to allowlist, in the form - ``registry/path/to/image``. This supports a trailing ``*`` - as a wildcard, but this is allowed only in text after the - ``registry/`` part. ``*`` wildcard does not match ``/``, - i.e., ``gcr.io/nginx*`` matches ``gcr.io/nginx@latest``, but - it does not match ``gcr.io/nginx/image``. This also supports - a trailing ``**`` wildcard which matches subdirectories, - i.e., ``gcr.io/nginx**`` matches ``gcr.io/nginx/image``. - """ - - name_pattern: str = proto.Field( - proto.STRING, - number=1, - ) - - -class AdmissionRule(proto.Message): - r"""An [admission - rule][google.cloud.binaryauthorization.v1beta1.AdmissionRule] - specifies either that all container images used in a pod creation - request must be attested to by one or more - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], that - all pod creations will be allowed, or that all pod creations will be - denied. - - Images matching an [admission allowlist - pattern][google.cloud.binaryauthorization.v1beta1.AdmissionWhitelistPattern] - are exempted from admission rules and will never block a pod - creation. - - Attributes: - evaluation_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EvaluationMode): - Required. How this admission rule will be - evaluated. - require_attestations_by (MutableSequence[str]): - Optional. The resource names of the attestors that must - attest to a container image, in the format - ``projects/*/attestors/*``. Each attestor must exist before - a policy can reference it. To add an attestor to a policy - the principal issuing the policy change request must be able - to read the attestor resource. - - Note: this field must be non-empty when the evaluation_mode - field specifies REQUIRE_ATTESTATION, otherwise it must be - empty. - enforcement_mode (google.cloud.binaryauthorization_v1beta1.types.AdmissionRule.EnforcementMode): - Required. The action when a pod creation is - denied by the admission rule. - """ - class EvaluationMode(proto.Enum): - r"""""" - EVALUATION_MODE_UNSPECIFIED = 0 - ALWAYS_ALLOW = 1 - REQUIRE_ATTESTATION = 2 - ALWAYS_DENY = 3 - - class EnforcementMode(proto.Enum): - r"""Defines the possible actions when a pod creation is denied by - an admission rule. - """ - ENFORCEMENT_MODE_UNSPECIFIED = 0 - ENFORCED_BLOCK_AND_AUDIT_LOG = 1 - DRYRUN_AUDIT_LOG_ONLY = 2 - - evaluation_mode: EvaluationMode = proto.Field( - proto.ENUM, - number=1, - enum=EvaluationMode, - ) - require_attestations_by: MutableSequence[str] = proto.RepeatedField( - proto.STRING, - number=2, - ) - enforcement_mode: EnforcementMode = proto.Field( - proto.ENUM, - number=3, - enum=EnforcementMode, - ) - - -class Attestor(proto.Message): - r"""An [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - that attests to container image artifacts. An existing attestor - cannot be modified except where indicated. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - name (str): - Required. The resource name, in the format: - ``projects/*/attestors/*``. This field may not be updated. - description (str): - Optional. A descriptive comment. This field - may be updated. The field may be displayed in - chooser dialogs. - user_owned_drydock_note (google.cloud.binaryauthorization_v1beta1.types.UserOwnedDrydockNote): - A Drydock ATTESTATION_AUTHORITY Note, created by the user. - - This field is a member of `oneof`_ ``attestor_type``. - update_time (google.protobuf.timestamp_pb2.Timestamp): - Output only. Time when the attestor was last - updated. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=6, - ) - user_owned_drydock_note: 'UserOwnedDrydockNote' = proto.Field( - proto.MESSAGE, - number=3, - oneof='attestor_type', - message='UserOwnedDrydockNote', - ) - update_time: timestamp_pb2.Timestamp = proto.Field( - proto.MESSAGE, - number=4, - message=timestamp_pb2.Timestamp, - ) - - -class UserOwnedDrydockNote(proto.Message): - r"""An [user owned drydock - note][google.cloud.binaryauthorization.v1beta1.UserOwnedDrydockNote] - references a Drydock ATTESTATION_AUTHORITY Note created by the user. - - Attributes: - note_reference (str): - Required. The Drydock resource name of a - ATTESTATION_AUTHORITY Note, created by the user, in the - format: ``projects/*/notes/*`` (or the legacy - ``providers/*/notes/*``). This field may not be updated. - - An attestation by this attestor is stored as a Drydock - ATTESTATION_AUTHORITY Occurrence that names a container - image and that links to this Note. Drydock is an external - dependency. - public_keys (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.AttestorPublicKey]): - Optional. Public keys that verify - attestations signed by this attestor. This - field may be updated. - If this field is non-empty, one of the specified - public keys must verify that an attestation was - signed by this attestor for the image specified - in the admission request. - - If this field is empty, this attestor always - returns that no valid attestations exist. - delegation_service_account_email (str): - Output only. This field will contain the service account - email address that this Attestor will use as the principal - when querying Container Analysis. Attestor administrators - must grant this service account the IAM role needed to read - attestations from the [note_reference][Note] in Container - Analysis (``containeranalysis.notes.occurrences.viewer``). - - This email address is fixed for the lifetime of the - Attestor, but callers should not make any other assumptions - about the service account email; future versions may use an - email based on a different naming pattern. - """ - - note_reference: str = proto.Field( - proto.STRING, - number=1, - ) - public_keys: MutableSequence['AttestorPublicKey'] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message='AttestorPublicKey', - ) - delegation_service_account_email: str = proto.Field( - proto.STRING, - number=3, - ) - - -class PkixPublicKey(proto.Message): - r"""A public key in the PkixPublicKey format (see - https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for - details). Public keys of this type are typically textually - encoded using the PEM format. - - Attributes: - public_key_pem (str): - A PEM-encoded public key, as described in - https://tools.ietf.org/html/rfc7468#section-13 - signature_algorithm (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey.SignatureAlgorithm): - The signature algorithm used to verify a message against a - signature using this key. These signature algorithm must - match the structure and any object identifiers encoded in - ``public_key_pem`` (i.e. this algorithm must match that of - the public key). - """ - class SignatureAlgorithm(proto.Enum): - r"""Represents a signature algorithm and other information - necessary to verify signatures with a given public key. This is - based primarily on the public key types supported by Tink's - PemKeyType, which is in turn based on KMS's supported signing - algorithms. See https://cloud.google.com/kms/docs/algorithms. In - the future, BinAuthz might support additional public key types - independently of Tink and/or KMS. - """ - _pb_options = {'allow_alias': True} - SIGNATURE_ALGORITHM_UNSPECIFIED = 0 - RSA_PSS_2048_SHA256 = 1 - RSA_PSS_3072_SHA256 = 2 - RSA_PSS_4096_SHA256 = 3 - RSA_PSS_4096_SHA512 = 4 - RSA_SIGN_PKCS1_2048_SHA256 = 5 - RSA_SIGN_PKCS1_3072_SHA256 = 6 - RSA_SIGN_PKCS1_4096_SHA256 = 7 - RSA_SIGN_PKCS1_4096_SHA512 = 8 - ECDSA_P256_SHA256 = 9 - EC_SIGN_P256_SHA256 = 9 - ECDSA_P384_SHA384 = 10 - EC_SIGN_P384_SHA384 = 10 - ECDSA_P521_SHA512 = 11 - EC_SIGN_P521_SHA512 = 11 - - public_key_pem: str = proto.Field( - proto.STRING, - number=1, - ) - signature_algorithm: SignatureAlgorithm = proto.Field( - proto.ENUM, - number=2, - enum=SignatureAlgorithm, - ) - - -class AttestorPublicKey(proto.Message): - r"""An [attestor public - key][google.cloud.binaryauthorization.v1beta1.AttestorPublicKey] - that will be used to verify attestations signed by this attestor. - - This message has `oneof`_ fields (mutually exclusive fields). - For each oneof, at most one member field can be set at the same time. - Setting any member of the oneof automatically clears all other - members. - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - comment (str): - Optional. A descriptive comment. This field - may be updated. - id (str): - The ID of this public key. Signatures verified by BinAuthz - must include the ID of the public key that can be used to - verify them, and that ID must match the contents of this - field exactly. Additional restrictions on this field can be - imposed based on which public key type is encapsulated. See - the documentation on ``public_key`` cases below for details. - ascii_armored_pgp_public_key (str): - ASCII-armored representation of a PGP public key, as the - entire output by the command - ``gpg --export --armor foo@example.com`` (either LF or CRLF - line endings). When using this field, ``id`` should be left - blank. The BinAuthz API handlers will calculate the ID and - fill it in automatically. BinAuthz computes this ID as the - OpenPGP RFC4880 V4 fingerprint, represented as upper-case - hex. If ``id`` is provided by the caller, it will be - overwritten by the API-calculated ID. - - This field is a member of `oneof`_ ``public_key``. - pkix_public_key (google.cloud.binaryauthorization_v1beta1.types.PkixPublicKey): - A raw PKIX SubjectPublicKeyInfo format public key. - - NOTE: ``id`` may be explicitly provided by the caller when - using this type of public key, but it MUST be a valid - RFC3986 URI. If ``id`` is left blank, a default one will be - computed based on the digest of the DER encoding of the - public key. - - This field is a member of `oneof`_ ``public_key``. - """ - - comment: str = proto.Field( - proto.STRING, - number=1, - ) - id: str = proto.Field( - proto.STRING, - number=2, - ) - ascii_armored_pgp_public_key: str = proto.Field( - proto.STRING, - number=3, - oneof='public_key', - ) - pkix_public_key: 'PkixPublicKey' = proto.Field( - proto.MESSAGE, - number=5, - oneof='public_key', - message='PkixPublicKey', - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py b/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py deleted file mode 100644 index 4b8caad..0000000 --- a/owl-bot-staging/v1beta1/google/cloud/binaryauthorization_v1beta1/types/service.py +++ /dev/null @@ -1,243 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -from typing import MutableMapping, MutableSequence - -import proto # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources - - -__protobuf__ = proto.module( - package='google.cloud.binaryauthorization.v1beta1', - manifest={ - 'GetPolicyRequest', - 'UpdatePolicyRequest', - 'CreateAttestorRequest', - 'GetAttestorRequest', - 'UpdateAttestorRequest', - 'ListAttestorsRequest', - 'ListAttestorsResponse', - 'DeleteAttestorRequest', - 'GetSystemPolicyRequest', - }, -) - - -class GetPolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetPolicy][]. - - Attributes: - name (str): - Required. The resource name of the - [policy][google.cloud.binaryauthorization.v1beta1.Policy] to - retrieve, in the format ``projects/*/policy``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdatePolicyRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdatePolicy][]. - - Attributes: - policy (google.cloud.binaryauthorization_v1beta1.types.Policy): - Required. A new or updated - [policy][google.cloud.binaryauthorization.v1beta1.Policy] - value. The service will overwrite the [policy - name][google.cloud.binaryauthorization.v1beta1.Policy.name] - field with the resource name in the request URL, in the - format ``projects/*/policy``. - """ - - policy: resources.Policy = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Policy, - ) - - -class CreateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.CreateAttestor][]. - - Attributes: - parent (str): - Required. The parent of this - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor]. - attestor_id (str): - Required. The - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - ID. - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The initial - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name, in the format - ``projects/*/attestors/*``. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - attestor_id: str = proto.Field( - proto.STRING, - number=2, - ) - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=3, - message=resources.Attestor, - ) - - -class GetAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.GetAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - to retrieve, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class UpdateAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.UpdateAttestor][]. - - Attributes: - attestor (google.cloud.binaryauthorization_v1beta1.types.Attestor): - Required. The updated - [attestor][google.cloud.binaryauthorization.v1beta1.Attestor] - value. The service will overwrite the [attestor - name][google.cloud.binaryauthorization.v1beta1.Attestor.name] - field with the resource name in the request URL, in the - format ``projects/*/attestors/*``. - """ - - attestor: resources.Attestor = proto.Field( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - - -class ListAttestorsRequest(proto.Message): - r"""Request message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - parent (str): - Required. The resource name of the project associated with - the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor], - in the format ``projects/*``. - page_size (int): - Requested page size. The server may return - fewer results than requested. If unspecified, - the server will pick an appropriate default. - page_token (str): - A token identifying a page of results the server should - return. Typically, this is the value of - [ListAttestorsResponse.next_page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsResponse.next_page_token] - returned from the previous call to the ``ListAttestors`` - method. - """ - - parent: str = proto.Field( - proto.STRING, - number=1, - ) - page_size: int = proto.Field( - proto.INT32, - number=2, - ) - page_token: str = proto.Field( - proto.STRING, - number=3, - ) - - -class ListAttestorsResponse(proto.Message): - r"""Response message for [BinauthzManagementService.ListAttestors][]. - - Attributes: - attestors (MutableSequence[google.cloud.binaryauthorization_v1beta1.types.Attestor]): - The list of - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor]. - next_page_token (str): - A token to retrieve the next page of results. Pass this - value in the - [ListAttestorsRequest.page_token][google.cloud.binaryauthorization.v1beta1.ListAttestorsRequest.page_token] - field in the subsequent call to the ``ListAttestors`` method - to retrieve the next page of results. - """ - - @property - def raw_page(self): - return self - - attestors: MutableSequence[resources.Attestor] = proto.RepeatedField( - proto.MESSAGE, - number=1, - message=resources.Attestor, - ) - next_page_token: str = proto.Field( - proto.STRING, - number=2, - ) - - -class DeleteAttestorRequest(proto.Message): - r"""Request message for [BinauthzManagementService.DeleteAttestor][]. - - Attributes: - name (str): - Required. The name of the - [attestors][google.cloud.binaryauthorization.v1beta1.Attestor] - to delete, in the format ``projects/*/attestors/*``. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -class GetSystemPolicyRequest(proto.Message): - r"""Request to read the current system policy. - - Attributes: - name (str): - Required. The resource name, in the format - ``locations/*/policy``. Note that the system policy is not - associated with a project. - """ - - name: str = proto.Field( - proto.STRING, - number=1, - ) - - -__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/owl-bot-staging/v1beta1/mypy.ini b/owl-bot-staging/v1beta1/mypy.ini deleted file mode 100644 index 574c5ae..0000000 --- a/owl-bot-staging/v1beta1/mypy.ini +++ /dev/null @@ -1,3 +0,0 @@ -[mypy] -python_version = 3.7 -namespace_packages = True diff --git a/owl-bot-staging/v1beta1/noxfile.py b/owl-bot-staging/v1beta1/noxfile.py deleted file mode 100644 index b45044d..0000000 --- a/owl-bot-staging/v1beta1/noxfile.py +++ /dev/null @@ -1,179 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -import pathlib -import shutil -import subprocess -import sys - - -import nox # type: ignore - -ALL_PYTHON = [ - "3.7", - "3.8", - "3.9", - "3.10", -] - -CURRENT_DIRECTORY = pathlib.Path(__file__).parent.absolute() - -LOWER_BOUND_CONSTRAINTS_FILE = CURRENT_DIRECTORY / "constraints.txt" -PACKAGE_NAME = subprocess.check_output([sys.executable, "setup.py", "--name"], encoding="utf-8") - -BLACK_VERSION = "black==22.3.0" -BLACK_PATHS = ["docs", "google", "tests", "samples", "noxfile.py", "setup.py"] -DEFAULT_PYTHON_VERSION = "3.10" - -nox.sessions = [ - "unit", - "cover", - "mypy", - "check_lower_bounds" - # exclude update_lower_bounds from default - "docs", - "blacken", - "lint", - "lint_setup_py", -] - -@nox.session(python=ALL_PYTHON) -def unit(session): - """Run the unit test suite.""" - - session.install('coverage', 'pytest', 'pytest-cov', 'pytest-asyncio', 'asyncmock; python_version < "3.8"') - session.install('-e', '.') - - session.run( - 'py.test', - '--quiet', - '--cov=google/cloud/binaryauthorization_v1beta1/', - '--cov=tests/', - '--cov-config=.coveragerc', - '--cov-report=term', - '--cov-report=html', - os.path.join('tests', 'unit', ''.join(session.posargs)) - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def cover(session): - """Run the final coverage report. - This outputs the coverage report aggregating coverage from the unit - test runs (not system test runs), and then erases coverage data. - """ - session.install("coverage", "pytest-cov") - session.run("coverage", "report", "--show-missing", "--fail-under=100") - - session.run("coverage", "erase") - - -@nox.session(python=ALL_PYTHON) -def mypy(session): - """Run the type checker.""" - session.install('mypy', 'types-pkg_resources') - session.install('.') - session.run( - 'mypy', - '--explicit-package-bases', - 'google', - ) - - -@nox.session -def update_lower_bounds(session): - """Update lower bounds in constraints.txt to match setup.py""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'update', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - - -@nox.session -def check_lower_bounds(session): - """Check lower bounds in setup.py are reflected in constraints file""" - session.install('google-cloud-testutils') - session.install('.') - - session.run( - 'lower-bound-checker', - 'check', - '--package-name', - PACKAGE_NAME, - '--constraints-file', - str(LOWER_BOUND_CONSTRAINTS_FILE), - ) - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def docs(session): - """Build the docs for this library.""" - - session.install("-e", ".") - session.install("sphinx==4.0.1", "alabaster", "recommonmark") - - shutil.rmtree(os.path.join("docs", "_build"), ignore_errors=True) - session.run( - "sphinx-build", - "-W", # warnings as errors - "-T", # show full traceback on exception - "-N", # no colors - "-b", - "html", - "-d", - os.path.join("docs", "_build", "doctrees", ""), - os.path.join("docs", ""), - os.path.join("docs", "_build", "html", ""), - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint(session): - """Run linters. - - Returns a failure if the linters find linting errors or sufficiently - serious code quality issues. - """ - session.install("flake8", BLACK_VERSION) - session.run( - "black", - "--check", - *BLACK_PATHS, - ) - session.run("flake8", "google", "tests", "samples") - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def blacken(session): - """Run black. Format code to uniform standard.""" - session.install(BLACK_VERSION) - session.run( - "black", - *BLACK_PATHS, - ) - - -@nox.session(python=DEFAULT_PYTHON_VERSION) -def lint_setup_py(session): - """Verify that setup.py is valid (including RST check).""" - session.install("docutils", "pygments") - session.run("python", "setup.py", "check", "--restructuredtext", "--strict") diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py deleted file mode 100644 index 793b1ea..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = await client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py deleted file mode 100644 index 4de96ca..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py +++ /dev/null @@ -1,58 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for CreateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_create_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.CreateAttestorRequest( - parent="parent_value", - attestor_id="attestor_id_value", - attestor=attestor, - ) - - # Make the request - response = client.create_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py deleted file mode 100644 index 3aa680b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - await client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py deleted file mode 100644 index 7a0a694..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py +++ /dev/null @@ -1,50 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for DeleteAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_delete_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.DeleteAttestorRequest( - name="name_value", - ) - - # Make the request - client.delete_attestor(request=request) - - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py deleted file mode 100644 index d3affd0..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = await client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py deleted file mode 100644 index b2fa796..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetAttestorRequest( - name="name_value", - ) - - # Make the request - response = client.get_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py deleted file mode 100644 index 99deaa5..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py deleted file mode 100644 index ae48362..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py deleted file mode 100644 index 9373d89..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - async for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py deleted file mode 100644 index 24f6afc..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py +++ /dev/null @@ -1,53 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for ListAttestors -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_list_attestors(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.ListAttestorsRequest( - parent="parent_value", - ) - - # Make the request - page_result = client.list_attestors(request=request) - - # Handle the response - for response in page_result: - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py deleted file mode 100644 index 463bb99..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = await client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py deleted file mode 100644 index 21ce41a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdateAttestor -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_attestor(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - attestor = binaryauthorization_v1beta1.Attestor() - attestor.user_owned_drydock_note.note_reference = "note_reference_value" - attestor.name = "name_value" - - request = binaryauthorization_v1beta1.UpdateAttestorRequest( - attestor=attestor, - ) - - # Make the request - response = client.update_attestor(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py deleted file mode 100644 index 2d3f605..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = await client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py deleted file mode 100644 index 85ba6b8..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py +++ /dev/null @@ -1,56 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for UpdatePolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_update_policy(): - # Create a client - client = binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client() - - # Initialize request argument(s) - policy = binaryauthorization_v1beta1.Policy() - policy.default_admission_rule.evaluation_mode = "ALWAYS_DENY" - policy.default_admission_rule.enforcement_mode = "DRYRUN_AUDIT_LOG_ONLY" - - request = binaryauthorization_v1beta1.UpdatePolicyRequest( - policy=policy, - ) - - # Make the request - response = client.update_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py deleted file mode 100644 index 36a01b4..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -async def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = await client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py b/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py deleted file mode 100644 index 6b68d3b..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py +++ /dev/null @@ -1,52 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Generated code. DO NOT EDIT! -# -# Snippet for GetSystemPolicy -# NOTE: This snippet has been automatically generated for illustrative purposes only. -# It may require modifications to work in your environment. - -# To install the latest published package dependency, execute the following: -# python3 -m pip install google-cloud-binaryauthorization - - -# [START binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] -# This snippet has been automatically generated and should be regarded as a -# code template only. -# It will require modifications to work: -# - It may require correct/in-range values for request initialization. -# - It may require specifying regional endpoints when creating the service -# client as shown in: -# https://googleapis.dev/python/google-api-core/latest/client_options.html -from google.cloud import binaryauthorization_v1beta1 - - -def sample_get_system_policy(): - # Create a client - client = binaryauthorization_v1beta1.SystemPolicyV1Beta1Client() - - # Initialize request argument(s) - request = binaryauthorization_v1beta1.GetSystemPolicyRequest( - name="name_value", - ) - - # Make the request - response = client.get_system_policy(request=request) - - # Handle the response - print(response) - -# [END binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync] diff --git a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json b/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json deleted file mode 100644 index c59b49a..0000000 --- a/owl-bot-staging/v1beta1/samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json +++ /dev/null @@ -1,1313 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1beta1", - "version": "v1beta1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization", - "version": "0.1.0" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", - "shortName": "SystemPolicyV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", - "shortName": "SystemPolicyV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" - } - ] -} diff --git a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py b/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py deleted file mode 100644 index e4d7076..0000000 --- a/owl-bot-staging/v1beta1/scripts/fixup_binaryauthorization_v1beta1_keywords.py +++ /dev/null @@ -1,183 +0,0 @@ -#! /usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import argparse -import os -import libcst as cst -import pathlib -import sys -from typing import (Any, Callable, Dict, List, Sequence, Tuple) - - -def partition( - predicate: Callable[[Any], bool], - iterator: Sequence[Any] -) -> Tuple[List[Any], List[Any]]: - """A stable, out-of-place partition.""" - results = ([], []) - - for i in iterator: - results[int(predicate(i))].append(i) - - # Returns trueList, falseList - return results[1], results[0] - - -class binaryauthorizationCallTransformer(cst.CSTTransformer): - CTRL_PARAMS: Tuple[str] = ('retry', 'timeout', 'metadata') - METHOD_TO_PARAMS: Dict[str, Tuple[str]] = { - 'create_attestor': ('parent', 'attestor_id', 'attestor', ), - 'delete_attestor': ('name', ), - 'get_attestor': ('name', ), - 'get_policy': ('name', ), - 'get_system_policy': ('name', ), - 'list_attestors': ('parent', 'page_size', 'page_token', ), - 'update_attestor': ('attestor', ), - 'update_policy': ('policy', ), - } - - def leave_Call(self, original: cst.Call, updated: cst.Call) -> cst.CSTNode: - try: - key = original.func.attr.value - kword_params = self.METHOD_TO_PARAMS[key] - except (AttributeError, KeyError): - # Either not a method from the API or too convoluted to be sure. - return updated - - # If the existing code is valid, keyword args come after positional args. - # Therefore, all positional args must map to the first parameters. - args, kwargs = partition(lambda a: not bool(a.keyword), updated.args) - if any(k.keyword.value == "request" for k in kwargs): - # We've already fixed this file, don't fix it again. - return updated - - kwargs, ctrl_kwargs = partition( - lambda a: a.keyword.value not in self.CTRL_PARAMS, - kwargs - ) - - args, ctrl_args = args[:len(kword_params)], args[len(kword_params):] - ctrl_kwargs.extend(cst.Arg(value=a.value, keyword=cst.Name(value=ctrl)) - for a, ctrl in zip(ctrl_args, self.CTRL_PARAMS)) - - request_arg = cst.Arg( - value=cst.Dict([ - cst.DictElement( - cst.SimpleString("'{}'".format(name)), -cst.Element(value=arg.value) - ) - # Note: the args + kwargs looks silly, but keep in mind that - # the control parameters had to be stripped out, and that - # those could have been passed positionally or by keyword. - for name, arg in zip(kword_params, args + kwargs)]), - keyword=cst.Name("request") - ) - - return updated.with_changes( - args=[request_arg] + ctrl_kwargs - ) - - -def fix_files( - in_dir: pathlib.Path, - out_dir: pathlib.Path, - *, - transformer=binaryauthorizationCallTransformer(), -): - """Duplicate the input dir to the output dir, fixing file method calls. - - Preconditions: - * in_dir is a real directory - * out_dir is a real, empty directory - """ - pyfile_gen = ( - pathlib.Path(os.path.join(root, f)) - for root, _, files in os.walk(in_dir) - for f in files if os.path.splitext(f)[1] == ".py" - ) - - for fpath in pyfile_gen: - with open(fpath, 'r') as f: - src = f.read() - - # Parse the code and insert method call fixes. - tree = cst.parse_module(src) - updated = tree.visit(transformer) - - # Create the path and directory structure for the new file. - updated_path = out_dir.joinpath(fpath.relative_to(in_dir)) - updated_path.parent.mkdir(parents=True, exist_ok=True) - - # Generate the updated source file at the corresponding path. - with open(updated_path, 'w') as f: - f.write(updated.code) - - -if __name__ == '__main__': - parser = argparse.ArgumentParser( - description="""Fix up source that uses the binaryauthorization client library. - -The existing sources are NOT overwritten but are copied to output_dir with changes made. - -Note: This tool operates at a best-effort level at converting positional - parameters in client method calls to keyword based parameters. - Cases where it WILL FAIL include - A) * or ** expansion in a method call. - B) Calls via function or method alias (includes free function calls) - C) Indirect or dispatched calls (e.g. the method is looked up dynamically) - - These all constitute false negatives. The tool will also detect false - positives when an API method shares a name with another method. -""") - parser.add_argument( - '-d', - '--input-directory', - required=True, - dest='input_dir', - help='the input directory to walk for python files to fix up', - ) - parser.add_argument( - '-o', - '--output-directory', - required=True, - dest='output_dir', - help='the directory to output files fixed via un-flattening', - ) - args = parser.parse_args() - input_dir = pathlib.Path(args.input_dir) - output_dir = pathlib.Path(args.output_dir) - if not input_dir.is_dir(): - print( - f"input directory '{input_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if not output_dir.is_dir(): - print( - f"output directory '{output_dir}' does not exist or is not a directory", - file=sys.stderr, - ) - sys.exit(-1) - - if os.listdir(output_dir): - print( - f"output directory '{output_dir}' is not empty", - file=sys.stderr, - ) - sys.exit(-1) - - fix_files(input_dir, output_dir) diff --git a/owl-bot-staging/v1beta1/setup.py b/owl-bot-staging/v1beta1/setup.py deleted file mode 100644 index b9a59d2..0000000 --- a/owl-bot-staging/v1beta1/setup.py +++ /dev/null @@ -1,90 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import io -import os - -import setuptools # type: ignore - -package_root = os.path.abspath(os.path.dirname(__file__)) - -name = 'google-cloud-binaryauthorization' - - -description = "Google Cloud Binaryauthorization API client library" - -version = {} -with open(os.path.join(package_root, 'google/cloud/binaryauthorization/gapic_version.py')) as fp: - exec(fp.read(), version) -version = version["__version__"] - -if version[0] == "0": - release_status = "Development Status :: 4 - Beta" -else: - release_status = "Development Status :: 5 - Production/Stable" - -dependencies = [ - "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", -] -url = "https://github.com/googleapis/python-binaryauthorization" - -package_root = os.path.abspath(os.path.dirname(__file__)) - -readme_filename = os.path.join(package_root, "README.rst") -with io.open(readme_filename, encoding="utf-8") as readme_file: - readme = readme_file.read() - -packages = [ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") -] - -namespaces = ["google"] -if "google.cloud" in packages: - namespaces.append("google.cloud") - -setuptools.setup( - name=name, - version=version, - description=description, - long_description=readme, - author="Google LLC", - author_email="googleapis-packages@google.com", - license="Apache 2.0", - url=url, - classifiers=[ - release_status, - "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Operating System :: OS Independent", - "Topic :: Internet", - ], - platforms="Posix; MacOS X; Windows", - packages=packages, - python_requires=">=3.7", - namespace_packages=namespaces, - install_requires=dependencies, - include_package_data=True, - zip_safe=False, -) diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt b/owl-bot-staging/v1beta1/testing/constraints-3.10.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.10.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt b/owl-bot-staging/v1beta1/testing/constraints-3.11.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.11.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt b/owl-bot-staging/v1beta1/testing/constraints-3.7.txt deleted file mode 100644 index 6f3158c..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.7.txt +++ /dev/null @@ -1,9 +0,0 @@ -# This constraints file is used to check that lower bounds -# are correct in setup.py -# List all library dependencies and extras in this file. -# Pin the version to the lower bound. -# e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", -# Then this file should have google-cloud-foo==1.14.0 -google-api-core==1.33.2 -proto-plus==1.22.0 -protobuf==3.19.5 diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt b/owl-bot-staging/v1beta1/testing/constraints-3.8.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.8.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt b/owl-bot-staging/v1beta1/testing/constraints-3.9.txt deleted file mode 100644 index ed7f9ae..0000000 --- a/owl-bot-staging/v1beta1/testing/constraints-3.9.txt +++ /dev/null @@ -1,6 +0,0 @@ -# -*- coding: utf-8 -*- -# This constraints file is required for unit tests. -# List all library dependencies and extras in this file. -google-api-core -proto-plus -protobuf diff --git a/owl-bot-staging/v1beta1/tests/__init__.py b/owl-bot-staging/v1beta1/tests/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/__init__.py b/owl-bot-staging/v1beta1/tests/unit/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py deleted file mode 100644 index 231bc12..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ - -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py deleted file mode 100644 index e2b10aa..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py +++ /dev/null @@ -1,3039 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import BinauthzManagementServiceV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import pagers -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(None) is None - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert BinauthzManagementServiceV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_binauthz_management_service_v1_beta1_client_get_transport_class(): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class() - available_transports = [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class("grpc") - assert transport == transports.BinauthzManagementServiceV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(BinauthzManagementServiceV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "true"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", "false"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_binauthz_management_service_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - BinauthzManagementServiceV1Beta1Client, BinauthzManagementServiceV1Beta1AsyncClient -]) -@mock.patch.object(BinauthzManagementServiceV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1Client)) -@mock.patch.object(BinauthzManagementServiceV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(BinauthzManagementServiceV1Beta1AsyncClient)) -def test_binauthz_management_service_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc"), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_binauthz_management_service_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = BinauthzManagementServiceV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport, "grpc", grpc_helpers), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_binauthz_management_service_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetPolicyRequest, - dict, -]) -def test_get_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - client.get_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - -@pytest.mark.asyncio -async def test_get_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetPolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_policy_async_from_dict(): - await test_get_policy_async(request_type=dict) - - -def test_get_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_policy( - service.GetPolicyRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdatePolicyRequest, - dict, -]) -def test_update_policy(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_update_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - client.update_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - -@pytest.mark.asyncio -async def test_update_policy_async(transport: str = 'grpc_asyncio', request_type=service.UpdatePolicyRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdatePolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_update_policy_async_from_dict(): - await test_update_policy_async(request_type=dict) - - -def test_update_policy_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_policy_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdatePolicyRequest() - - request.policy.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.update_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'policy.name=name_value', - ) in kw['metadata'] - - -def test_update_policy_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - - -def test_update_policy_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_policy_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_policy( - policy=resources.Policy(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].policy - mock_val = resources.Policy(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_policy_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_policy( - service.UpdatePolicyRequest(), - policy=resources.Policy(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.CreateAttestorRequest, - dict, -]) -def test_create_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_create_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - client.create_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - -@pytest.mark.asyncio -async def test_create_attestor_async(transport: str = 'grpc_asyncio', request_type=service.CreateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.CreateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_create_attestor_async_from_dict(): - await test_create_attestor_async(request_type=dict) - - -def test_create_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_create_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.CreateAttestorRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.create_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_create_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_create_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_create_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.create_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.create_attestor( - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - arg = args[0].attestor_id - mock_val = 'attestor_id_value' - assert arg == mock_val - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_create_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.create_attestor( - service.CreateAttestorRequest(), - parent='parent_value', - attestor_id='attestor_id_value', - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetAttestorRequest, - dict, -]) -def test_get_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_get_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - client.get_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - -@pytest.mark.asyncio -async def test_get_attestor_async(transport: str = 'grpc_asyncio', request_type=service.GetAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_get_attestor_async_from_dict(): - await test_get_attestor_async(request_type=dict) - - -def test_get_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.get_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_attestor( - service.GetAttestorRequest(), - name='name_value', - ) - - -@pytest.mark.parametrize("request_type", [ - service.UpdateAttestorRequest, - dict, -]) -def test_update_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor( - name='name_value', - description='description_value', - user_owned_drydock_note=resources.UserOwnedDrydockNote(note_reference='note_reference_value'), - ) - response = client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -def test_update_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - client.update_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - -@pytest.mark.asyncio -async def test_update_attestor_async(transport: str = 'grpc_asyncio', request_type=service.UpdateAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor( - name='name_value', - description='description_value', - )) - response = await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.UpdateAttestorRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Attestor) - assert response.name == 'name_value' - assert response.description == 'description_value' - - -@pytest.mark.asyncio -async def test_update_attestor_async_from_dict(): - await test_update_attestor_async(request_type=dict) - - -def test_update_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = resources.Attestor() - client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_update_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.UpdateAttestorRequest() - - request.attestor.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - await client.update_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'attestor.name=name_value', - ) in kw['metadata'] - - -def test_update_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - - -def test_update_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - -@pytest.mark.asyncio -async def test_update_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.update_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Attestor() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Attestor()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.update_attestor( - attestor=resources.Attestor(name='name_value'), - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].attestor - mock_val = resources.Attestor(name='name_value') - assert arg == mock_val - -@pytest.mark.asyncio -async def test_update_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.update_attestor( - service.UpdateAttestorRequest(), - attestor=resources.Attestor(name='name_value'), - ) - - -@pytest.mark.parametrize("request_type", [ - service.ListAttestorsRequest, - dict, -]) -def test_list_attestors(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse( - next_page_token='next_page_token_value', - ) - response = client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsPager) - assert response.next_page_token == 'next_page_token_value' - - -def test_list_attestors_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - client.list_attestors() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - -@pytest.mark.asyncio -async def test_list_attestors_async(transport: str = 'grpc_asyncio', request_type=service.ListAttestorsRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse( - next_page_token='next_page_token_value', - )) - response = await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.ListAttestorsRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, pagers.ListAttestorsAsyncPager) - assert response.next_page_token == 'next_page_token_value' - - -@pytest.mark.asyncio -async def test_list_attestors_async_from_dict(): - await test_list_attestors_async(request_type=dict) - - -def test_list_attestors_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = service.ListAttestorsResponse() - client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_list_attestors_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.ListAttestorsRequest() - - request.parent = 'parent_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - await client.list_attestors(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'parent=parent_value', - ) in kw['metadata'] - - -def test_list_attestors_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - - -def test_list_attestors_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - -@pytest.mark.asyncio -async def test_list_attestors_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = service.ListAttestorsResponse() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(service.ListAttestorsResponse()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.list_attestors( - parent='parent_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].parent - mock_val = 'parent_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_list_attestors_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.list_attestors( - service.ListAttestorsRequest(), - parent='parent_value', - ) - - -def test_list_attestors_pager(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - - metadata = () - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata(( - ('parent', ''), - )), - ) - pager = client.list_attestors(request={}) - - assert pager._metadata == metadata - - results = list(pager) - assert len(results) == 6 - assert all(isinstance(i, resources.Attestor) - for i in results) -def test_list_attestors_pages(transport_name: str = "grpc"): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials, - transport=transport_name, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__') as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = list(client.list_attestors(request={}).pages) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.asyncio -async def test_list_attestors_async_pager(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - async_pager = await client.list_attestors(request={},) - assert async_pager.next_page_token == 'abc' - responses = [] - async for response in async_pager: # pragma: no branch - responses.append(response) - - assert len(responses) == 6 - assert all(isinstance(i, resources.Attestor) - for i in responses) - - -@pytest.mark.asyncio -async def test_list_attestors_async_pages(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials, - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.list_attestors), - '__call__', new_callable=mock.AsyncMock) as call: - # Set the response to a series of pages. - call.side_effect = ( - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - resources.Attestor(), - ], - next_page_token='abc', - ), - service.ListAttestorsResponse( - attestors=[], - next_page_token='def', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - ], - next_page_token='ghi', - ), - service.ListAttestorsResponse( - attestors=[ - resources.Attestor(), - resources.Attestor(), - ], - ), - RuntimeError, - ) - pages = [] - async for page_ in (await client.list_attestors(request={})).pages: # pragma: no branch - pages.append(page_) - for page_, token in zip(pages, ['abc','def','ghi', '']): - assert page_.raw_page.next_page_token == token - -@pytest.mark.parametrize("request_type", [ - service.DeleteAttestorRequest, - dict, -]) -def test_delete_attestor(request_type, transport: str = 'grpc'): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - response = client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -def test_delete_attestor_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - client.delete_attestor() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - -@pytest.mark.asyncio -async def test_delete_attestor_async(transport: str = 'grpc_asyncio', request_type=service.DeleteAttestorRequest): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - response = await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.DeleteAttestorRequest() - - # Establish that the response is the type that we expect. - assert response is None - - -@pytest.mark.asyncio -async def test_delete_attestor_async_from_dict(): - await test_delete_attestor_async(request_type=dict) - - -def test_delete_attestor_field_headers(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = None - client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_delete_attestor_field_headers_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.DeleteAttestorRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - await client.delete_attestor(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_delete_attestor_flattened(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_delete_attestor_flattened_error(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.delete_attestor), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = None - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(None) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.delete_attestor( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_delete_attestor_flattened_error_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.delete_attestor( - service.DeleteAttestorRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = BinauthzManagementServiceV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = BinauthzManagementServiceV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = BinauthzManagementServiceV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - ) - -def test_binauthz_management_service_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_binauthz_management_service_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_policy', - 'update_policy', - 'create_attestor', - 'get_attestor', - 'update_attestor', - 'list_attestors', - 'delete_attestor', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_binauthz_management_service_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_binauthz_management_service_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.transports.BinauthzManagementServiceV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.BinauthzManagementServiceV1Beta1Transport() - adc.assert_called_once() - - -def test_binauthz_management_service_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - BinauthzManagementServiceV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.BinauthzManagementServiceV1Beta1GrpcTransport, - transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, - ], -) -def test_binauthz_management_service_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.BinauthzManagementServiceV1Beta1GrpcTransport, grpc_helpers), - (transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_binauthz_management_service_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_no_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_binauthz_management_service_v1_beta1_host_with_port(transport_name): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_binauthz_management_service_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_binauthz_management_service_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.BinauthzManagementServiceV1Beta1GrpcTransport, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport]) -def test_binauthz_management_service_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_attestor_path(): - project = "squid" - attestor = "clam" - expected = "projects/{project}/attestors/{attestor}".format(project=project, attestor=attestor, ) - actual = BinauthzManagementServiceV1Beta1Client.attestor_path(project, attestor) - assert expected == actual - - -def test_parse_attestor_path(): - expected = { - "project": "whelk", - "attestor": "octopus", - } - path = BinauthzManagementServiceV1Beta1Client.attestor_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_attestor_path(path) - assert expected == actual - -def test_policy_path(): - project = "oyster" - expected = "projects/{project}/policy".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "cuttlefish" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "mussel", - } - path = BinauthzManagementServiceV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "winkle" - expected = "folders/{folder}".format(folder=folder, ) - actual = BinauthzManagementServiceV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nautilus", - } - path = BinauthzManagementServiceV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "scallop" - expected = "organizations/{organization}".format(organization=organization, ) - actual = BinauthzManagementServiceV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "abalone", - } - path = BinauthzManagementServiceV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "squid" - expected = "projects/{project}".format(project=project, ) - actual = BinauthzManagementServiceV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "clam", - } - path = BinauthzManagementServiceV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "whelk" - location = "octopus" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = BinauthzManagementServiceV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "oyster", - "location": "nudibranch", - } - path = BinauthzManagementServiceV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = BinauthzManagementServiceV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.BinauthzManagementServiceV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = BinauthzManagementServiceV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = BinauthzManagementServiceV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = BinauthzManagementServiceV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (BinauthzManagementServiceV1Beta1Client, transports.BinauthzManagementServiceV1Beta1GrpcTransport), - (BinauthzManagementServiceV1Beta1AsyncClient, transports.BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py deleted file mode 100644 index b1902f9..0000000 --- a/owl-bot-staging/v1beta1/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py +++ /dev/null @@ -1,1396 +0,0 @@ -# -*- coding: utf-8 -*- -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os -# try/except added for compatibility with python < 3.8 -try: - from unittest import mock - from unittest.mock import AsyncMock # pragma: NO COVER -except ImportError: # pragma: NO COVER - import mock - -import grpc -from grpc.experimental import aio -import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers - -from google.api_core import client_options -from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template -from google.auth import credentials as ga_credentials -from google.auth.exceptions import MutualTLSChannelError -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import transports -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth - - -def client_cert_source_callback(): - return b"cert bytes", b"key bytes" - - -# If default endpoint is localhost, then default mtls endpoint will be the same. -# This method modifies the default endpoint so the client can produce a different -# mtls endpoint for endpoint testing purposes. -def modify_default_endpoint(client): - return "foo.googleapis.com" if ("localhost" in client.DEFAULT_ENDPOINT) else client.DEFAULT_ENDPOINT - - -def test__get_default_mtls_endpoint(): - api_endpoint = "example.googleapis.com" - api_mtls_endpoint = "example.mtls.googleapis.com" - sandbox_endpoint = "example.sandbox.googleapis.com" - sandbox_mtls_endpoint = "example.mtls.sandbox.googleapis.com" - non_googleapi = "api.example.com" - - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(None) is None - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(api_mtls_endpoint) == api_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(sandbox_mtls_endpoint) == sandbox_mtls_endpoint - assert SystemPolicyV1Beta1Client._get_default_mtls_endpoint(non_googleapi) == non_googleapi - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_info(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_info') as factory: - factory.return_value = creds - info = {"valid": True} - client = client_class.from_service_account_info(info, transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -@pytest.mark.parametrize("transport_class,transport_name", [ - (transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_service_account_always_use_jwt(transport_class, transport_name): - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=True) - use_jwt.assert_called_once_with(True) - - with mock.patch.object(service_account.Credentials, 'with_always_use_jwt_access', create=True) as use_jwt: - creds = service_account.Credentials(None, None, None) - transport = transport_class(credentials=creds, always_use_jwt_access=False) - use_jwt.assert_not_called() - - -@pytest.mark.parametrize("client_class,transport_name", [ - (SystemPolicyV1Beta1Client, "grpc"), - (SystemPolicyV1Beta1AsyncClient, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_from_service_account_file(client_class, transport_name): - creds = ga_credentials.AnonymousCredentials() - with mock.patch.object(service_account.Credentials, 'from_service_account_file') as factory: - factory.return_value = creds - client = client_class.from_service_account_file("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - client = client_class.from_service_account_json("dummy/file/path.json", transport=transport_name) - assert client.transport._credentials == creds - assert isinstance(client, client_class) - - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - - -def test_system_policy_v1_beta1_client_get_transport_class(): - transport = SystemPolicyV1Beta1Client.get_transport_class() - available_transports = [ - transports.SystemPolicyV1Beta1GrpcTransport, - ] - assert transport in available_transports - - transport = SystemPolicyV1Beta1Client.get_transport_class("grpc") - assert transport == transports.SystemPolicyV1Beta1GrpcTransport - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_client_options(client_class, transport_class, transport_name): - # Check that if channel is provided we won't create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials() - ) - client = client_class(transport=transport) - gtc.assert_not_called() - - # Check that if channel is provided via str we will create a new one. - with mock.patch.object(SystemPolicyV1Beta1Client, 'get_transport_class') as gtc: - client = client_class(transport=transport_name) - gtc.assert_called() - - # Check the case api_endpoint is provided. - options = client_options.ClientOptions(api_endpoint="squid.clam.whelk") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name, client_options=options) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is - # "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_MTLS_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has - # unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "Unsupported"}): - with pytest.raises(MutualTLSChannelError): - client = client_class(transport=transport_name) - - # Check the case GOOGLE_API_USE_CLIENT_CERTIFICATE has unsupported value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "Unsupported"}): - with pytest.raises(ValueError): - client = client_class(transport=transport_name) - - # Check the case quota_project_id is provided - options = client_options.ClientOptions(quota_project_id="octopus") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id="octopus", - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - # Check the case api_endpoint is provided - options = client_options.ClientOptions(api_audience="https://language.googleapis.com") - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience="https://language.googleapis.com" - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,use_client_cert_env", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "true"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "true"), - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", "false"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", "false"), -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -@mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "auto"}) -def test_system_policy_v1_beta1_client_mtls_env_auto(client_class, transport_class, transport_name, use_client_cert_env): - # This tests the endpoint autoswitch behavior. Endpoint is autoswitched to the default - # mtls endpoint, if GOOGLE_API_USE_CLIENT_CERTIFICATE is "true" and client cert exists. - - # Check the case client_cert_source is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - options = client_options.ClientOptions(client_cert_source=client_cert_source_callback) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - - if use_client_cert_env == "false": - expected_client_cert_source = None - expected_host = client.DEFAULT_ENDPOINT - else: - expected_client_cert_source = client_cert_source_callback - expected_host = client.DEFAULT_MTLS_ENDPOINT - - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case ADC client cert is provided. Whether client cert is used depends on - # GOOGLE_API_USE_CLIENT_CERTIFICATE value. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=client_cert_source_callback): - if use_client_cert_env == "false": - expected_host = client.DEFAULT_ENDPOINT - expected_client_cert_source = None - else: - expected_host = client.DEFAULT_MTLS_ENDPOINT - expected_client_cert_source = client_cert_source_callback - - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=expected_host, - scopes=None, - client_cert_source_for_mtls=expected_client_cert_source, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # Check the case client_cert_source and ADC client cert are not provided. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": use_client_cert_env}): - with mock.patch.object(transport_class, '__init__') as patched: - with mock.patch("google.auth.transport.mtls.has_default_client_cert_source", return_value=False): - patched.return_value = None - client = client_class(transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class", [ - SystemPolicyV1Beta1Client, SystemPolicyV1Beta1AsyncClient -]) -@mock.patch.object(SystemPolicyV1Beta1Client, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1Client)) -@mock.patch.object(SystemPolicyV1Beta1AsyncClient, "DEFAULT_ENDPOINT", modify_default_endpoint(SystemPolicyV1Beta1AsyncClient)) -def test_system_policy_v1_beta1_client_get_mtls_endpoint_and_cert_source(client_class): - mock_client_cert_source = mock.Mock() - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "true". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source == mock_client_cert_source - - # Test the case GOOGLE_API_USE_CLIENT_CERTIFICATE is "false". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "false"}): - mock_client_cert_source = mock.Mock() - mock_api_endpoint = "foo" - options = client_options.ClientOptions(client_cert_source=mock_client_cert_source, api_endpoint=mock_api_endpoint) - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source(options) - assert api_endpoint == mock_api_endpoint - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "never". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "never"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "always". - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_MTLS_ENDPOINT": "always"}): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert doesn't exist. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=False): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_ENDPOINT - assert cert_source is None - - # Test the case GOOGLE_API_USE_MTLS_ENDPOINT is "auto" and default cert exists. - with mock.patch.dict(os.environ, {"GOOGLE_API_USE_CLIENT_CERTIFICATE": "true"}): - with mock.patch('google.auth.transport.mtls.has_default_client_cert_source', return_value=True): - with mock.patch('google.auth.transport.mtls.default_client_cert_source', return_value=mock_client_cert_source): - api_endpoint, cert_source = client_class.get_mtls_endpoint_and_cert_source() - assert api_endpoint == client_class.DEFAULT_MTLS_ENDPOINT - assert cert_source == mock_client_cert_source - - -@pytest.mark.parametrize("client_class,transport_class,transport_name", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc"), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio"), -]) -def test_system_policy_v1_beta1_client_client_options_scopes(client_class, transport_class, transport_name): - # Check the case scopes are provided. - options = client_options.ClientOptions( - scopes=["1", "2"], - ) - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=["1", "2"], - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_client_options_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - -def test_system_policy_v1_beta1_client_client_options_from_dict(): - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1GrpcTransport.__init__') as grpc_transport: - grpc_transport.return_value = None - client = SystemPolicyV1Beta1Client( - client_options={'api_endpoint': 'squid.clam.whelk'} - ) - grpc_transport.assert_called_once_with( - credentials=None, - credentials_file=None, - host="squid.clam.whelk", - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - -@pytest.mark.parametrize("client_class,transport_class,transport_name,grpc_helpers", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport, "grpc", grpc_helpers), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, "grpc_asyncio", grpc_helpers_async), -]) -def test_system_policy_v1_beta1_client_create_channel_credentials_file(client_class, transport_class, transport_name, grpc_helpers): - # Check the case credentials file is provided. - options = client_options.ClientOptions( - credentials_file="credentials.json" - ) - - with mock.patch.object(transport_class, '__init__') as patched: - patched.return_value = None - client = client_class(client_options=options, transport=transport_name) - patched.assert_called_once_with( - credentials=None, - credentials_file="credentials.json", - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) - - # test that the credentials from file are saved and used as the credentials. - with mock.patch.object( - google.auth, "load_credentials_from_file", autospec=True - ) as load_creds, mock.patch.object( - google.auth, "default", autospec=True - ) as adc, mock.patch.object( - grpc_helpers, "create_channel" - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - file_creds = ga_credentials.AnonymousCredentials() - load_creds.return_value = (file_creds, None) - adc.return_value = (creds, None) - client = client_class(client_options=options, transport=transport_name) - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=file_creds, - credentials_file=None, - quota_project_id=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=None, - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("request_type", [ - service.GetSystemPolicyRequest, - dict, -]) -def test_get_system_policy(request_type, transport: str = 'grpc'): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - ) - response = client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -def test_get_system_policy_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport='grpc', - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - client.get_system_policy() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - -@pytest.mark.asyncio -async def test_get_system_policy_async(transport: str = 'grpc_asyncio', request_type=service.GetSystemPolicyRequest): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value =grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy( - name='name_value', - description='description_value', - global_policy_evaluation_mode=resources.Policy.GlobalPolicyEvaluationMode.ENABLE, - )) - response = await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == service.GetSystemPolicyRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, resources.Policy) - assert response.name == 'name_value' - assert response.description == 'description_value' - assert response.global_policy_evaluation_mode == resources.Policy.GlobalPolicyEvaluationMode.ENABLE - - -@pytest.mark.asyncio -async def test_get_system_policy_async_from_dict(): - await test_get_system_policy_async(request_type=dict) - - -def test_get_system_policy_field_headers(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = resources.Policy() - client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -@pytest.mark.asyncio -async def test_get_system_policy_field_headers_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = service.GetSystemPolicyRequest() - - request.name = 'name_value' - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - await client.get_system_policy(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - 'x-goog-request-params', - 'name=name_value', - ) in kw['metadata'] - - -def test_get_system_policy_flattened(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - - -def test_get_system_policy_flattened_error(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.get_system_policy), - '__call__') as call: - # Designate an appropriate return value for the call. - call.return_value = resources.Policy() - - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall(resources.Policy()) - # Call the method with a truthy value for each flattened field, - # using the keyword arguments to the method. - response = await client.get_system_policy( - name='name_value', - ) - - # Establish that the underlying call was made with the expected - # request object values. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - arg = args[0].name - mock_val = 'name_value' - assert arg == mock_val - -@pytest.mark.asyncio -async def test_get_system_policy_flattened_error_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Attempting to call a method with both a request object and flattened - # fields is an error. - with pytest.raises(ValueError): - await client.get_system_policy( - service.GetSystemPolicyRequest(), - name='name_value', - ) - - -def test_credentials_transport_error(): - # It is an error to provide credentials and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # It is an error to provide a credentials file and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"credentials_file": "credentials.json"}, - transport=transport, - ) - - # It is an error to provide an api_key and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - options = client_options.ClientOptions() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - transport=transport, - ) - - # It is an error to provide an api_key and a credential. - options = mock.Mock() - options.api_key = "api_key" - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options=options, - credentials=ga_credentials.AnonymousCredentials() - ) - - # It is an error to provide scopes and a transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - with pytest.raises(ValueError): - client = SystemPolicyV1Beta1Client( - client_options={"scopes": ["1", "2"]}, - transport=transport, - ) - - -def test_transport_instance(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - client = SystemPolicyV1Beta1Client(transport=transport) - assert client.transport is transport - -def test_transport_get_channel(): - # A client may be instantiated with a custom transport instance. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - credentials=ga_credentials.AnonymousCredentials(), - ) - channel = transport.grpc_channel - assert channel - -@pytest.mark.parametrize("transport_class", [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, -]) -def test_transport_adc(transport_class): - # Test default credentials are used if not provided. - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class() - adc.assert_called_once() - -@pytest.mark.parametrize("transport_name", [ - "grpc", -]) -def test_transport_kind(transport_name): - transport = SystemPolicyV1Beta1Client.get_transport_class(transport_name)( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert transport.kind == transport_name - -def test_transport_grpc_default(): - # A client should use the gRPC transport by default. - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - ) - assert isinstance( - client.transport, - transports.SystemPolicyV1Beta1GrpcTransport, - ) - -def test_system_policy_v1_beta1_base_transport_error(): - # Passing both a credentials object and credentials_file should raise an error - with pytest.raises(core_exceptions.DuplicateCredentialArgs): - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - credentials_file="credentials.json" - ) - - -def test_system_policy_v1_beta1_base_transport(): - # Instantiate the base transport. - with mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport.__init__') as Transport: - Transport.return_value = None - transport = transports.SystemPolicyV1Beta1Transport( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Every method on the transport should just blindly - # raise NotImplementedError. - methods = ( - 'get_system_policy', - ) - for method in methods: - with pytest.raises(NotImplementedError): - getattr(transport, method)(request=object()) - - with pytest.raises(NotImplementedError): - transport.close() - - # Catch all for all remaining methods and properties - remainder = [ - 'kind', - ] - for r in remainder: - with pytest.raises(NotImplementedError): - getattr(transport, r)() - - -def test_system_policy_v1_beta1_base_transport_with_credentials_file(): - # Instantiate the base transport with a credentials file - with mock.patch.object(google.auth, 'load_credentials_from_file', autospec=True) as load_creds, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - load_creds.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport( - credentials_file="credentials.json", - quota_project_id="octopus", - ) - load_creds.assert_called_once_with("credentials.json", - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id="octopus", - ) - - -def test_system_policy_v1_beta1_base_transport_with_adc(): - # Test the default credentials are used if credentials and credentials_file are None. - with mock.patch.object(google.auth, 'default', autospec=True) as adc, mock.patch('google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1.transports.SystemPolicyV1Beta1Transport._prep_wrapped_messages') as Transport: - Transport.return_value = None - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport = transports.SystemPolicyV1Beta1Transport() - adc.assert_called_once() - - -def test_system_policy_v1_beta1_auth_adc(): - # If no credentials are provided, we should use ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - SystemPolicyV1Beta1Client() - adc.assert_called_once_with( - scopes=None, - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - quota_project_id=None, - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_adc(transport_class): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - adc.return_value = (ga_credentials.AnonymousCredentials(), None) - transport_class(quota_project_id="octopus", scopes=["1", "2"]) - adc.assert_called_once_with( - scopes=["1", "2"], - default_scopes=( 'https://www.googleapis.com/auth/cloud-platform',), - quota_project_id="octopus", - ) - - -@pytest.mark.parametrize( - "transport_class", - [ - transports.SystemPolicyV1Beta1GrpcTransport, - transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, - ], -) -def test_system_policy_v1_beta1_transport_auth_gdch_credentials(transport_class): - host = 'https://language.com' - api_audience_tests = [None, 'https://language2.com'] - api_audience_expect = [host, 'https://language2.com'] - for t, e in zip(api_audience_tests, api_audience_expect): - with mock.patch.object(google.auth, 'default', autospec=True) as adc: - gdch_mock = mock.MagicMock() - type(gdch_mock).with_gdch_audience = mock.PropertyMock(return_value=gdch_mock) - adc.return_value = (gdch_mock, None) - transport_class(host=host, api_audience=t) - gdch_mock.with_gdch_audience.assert_called_once_with( - e - ) - - -@pytest.mark.parametrize( - "transport_class,grpc_helpers", - [ - (transports.SystemPolicyV1Beta1GrpcTransport, grpc_helpers), - (transports.SystemPolicyV1Beta1GrpcAsyncIOTransport, grpc_helpers_async) - ], -) -def test_system_policy_v1_beta1_transport_create_channel(transport_class, grpc_helpers): - # If credentials and host are not provided, the transport class should use - # ADC credentials. - with mock.patch.object(google.auth, "default", autospec=True) as adc, mock.patch.object( - grpc_helpers, "create_channel", autospec=True - ) as create_channel: - creds = ga_credentials.AnonymousCredentials() - adc.return_value = (creds, None) - transport_class( - quota_project_id="octopus", - scopes=["1", "2"] - ) - - create_channel.assert_called_with( - "binaryauthorization.googleapis.com:443", - credentials=creds, - credentials_file=None, - quota_project_id="octopus", - default_scopes=( - 'https://www.googleapis.com/auth/cloud-platform', -), - scopes=["1", "2"], - default_host="binaryauthorization.googleapis.com", - ssl_credentials=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_grpc_transport_client_cert_source_for_mtls( - transport_class -): - cred = ga_credentials.AnonymousCredentials() - - # Check ssl_channel_credentials is used if provided. - with mock.patch.object(transport_class, "create_channel") as mock_create_channel: - mock_ssl_channel_creds = mock.Mock() - transport_class( - host="squid.clam.whelk", - credentials=cred, - ssl_channel_credentials=mock_ssl_channel_creds - ) - mock_create_channel.assert_called_once_with( - "squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_channel_creds, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - - # Check if ssl_channel_credentials is not provided, then client_cert_source_for_mtls - # is used. - with mock.patch.object(transport_class, "create_channel", return_value=mock.Mock()): - with mock.patch("grpc.ssl_channel_credentials") as mock_ssl_cred: - transport_class( - credentials=cred, - client_cert_source_for_mtls=client_cert_source_callback - ) - expected_cert, expected_key = client_cert_source_callback() - mock_ssl_cred.assert_called_once_with( - certificate_chain=expected_cert, - private_key=expected_key - ) - - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_no_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:443' - ) - -@pytest.mark.parametrize("transport_name", [ - "grpc", - "grpc_asyncio", -]) -def test_system_policy_v1_beta1_host_with_port(transport_name): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_options=client_options.ClientOptions(api_endpoint='binaryauthorization.googleapis.com:8000'), - transport=transport_name, - ) - assert client.transport._host == ( - 'binaryauthorization.googleapis.com:8000' - ) - -def test_system_policy_v1_beta1_grpc_transport_channel(): - channel = grpc.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -def test_system_policy_v1_beta1_grpc_asyncio_transport_channel(): - channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) - - # Check that channel is used if provided. - transport = transports.SystemPolicyV1Beta1GrpcAsyncIOTransport( - host="squid.clam.whelk", - channel=channel, - ) - assert transport.grpc_channel == channel - assert transport._host == "squid.clam.whelk:443" - assert transport._ssl_channel_credentials == None - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_client_cert_source( - transport_class -): - with mock.patch("grpc.ssl_channel_credentials", autospec=True) as grpc_ssl_channel_cred: - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_ssl_cred = mock.Mock() - grpc_ssl_channel_cred.return_value = mock_ssl_cred - - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - - cred = ga_credentials.AnonymousCredentials() - with pytest.warns(DeprecationWarning): - with mock.patch.object(google.auth, 'default') as adc: - adc.return_value = (cred, None) - transport = transport_class( - host="squid.clam.whelk", - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=client_cert_source_callback, - ) - adc.assert_called_once() - - grpc_ssl_channel_cred.assert_called_once_with( - certificate_chain=b"cert bytes", private_key=b"key bytes" - ) - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - assert transport._ssl_channel_credentials == mock_ssl_cred - - -# Remove this test when deprecated arguments (api_mtls_endpoint, client_cert_source) are -# removed from grpc/grpc_asyncio transport constructor. -@pytest.mark.parametrize("transport_class", [transports.SystemPolicyV1Beta1GrpcTransport, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport]) -def test_system_policy_v1_beta1_transport_channel_mtls_with_adc( - transport_class -): - mock_ssl_cred = mock.Mock() - with mock.patch.multiple( - "google.auth.transport.grpc.SslCredentials", - __init__=mock.Mock(return_value=None), - ssl_credentials=mock.PropertyMock(return_value=mock_ssl_cred), - ): - with mock.patch.object(transport_class, "create_channel") as grpc_create_channel: - mock_grpc_channel = mock.Mock() - grpc_create_channel.return_value = mock_grpc_channel - mock_cred = mock.Mock() - - with pytest.warns(DeprecationWarning): - transport = transport_class( - host="squid.clam.whelk", - credentials=mock_cred, - api_mtls_endpoint="mtls.squid.clam.whelk", - client_cert_source=None, - ) - - grpc_create_channel.assert_called_once_with( - "mtls.squid.clam.whelk:443", - credentials=mock_cred, - credentials_file=None, - scopes=None, - ssl_credentials=mock_ssl_cred, - quota_project_id=None, - options=[ - ("grpc.max_send_message_length", -1), - ("grpc.max_receive_message_length", -1), - ], - ) - assert transport.grpc_channel == mock_grpc_channel - - -def test_policy_path(): - project = "squid" - expected = "projects/{project}/policy".format(project=project, ) - actual = SystemPolicyV1Beta1Client.policy_path(project) - assert expected == actual - - -def test_parse_policy_path(): - expected = { - "project": "clam", - } - path = SystemPolicyV1Beta1Client.policy_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_policy_path(path) - assert expected == actual - -def test_common_billing_account_path(): - billing_account = "whelk" - expected = "billingAccounts/{billing_account}".format(billing_account=billing_account, ) - actual = SystemPolicyV1Beta1Client.common_billing_account_path(billing_account) - assert expected == actual - - -def test_parse_common_billing_account_path(): - expected = { - "billing_account": "octopus", - } - path = SystemPolicyV1Beta1Client.common_billing_account_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_billing_account_path(path) - assert expected == actual - -def test_common_folder_path(): - folder = "oyster" - expected = "folders/{folder}".format(folder=folder, ) - actual = SystemPolicyV1Beta1Client.common_folder_path(folder) - assert expected == actual - - -def test_parse_common_folder_path(): - expected = { - "folder": "nudibranch", - } - path = SystemPolicyV1Beta1Client.common_folder_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_folder_path(path) - assert expected == actual - -def test_common_organization_path(): - organization = "cuttlefish" - expected = "organizations/{organization}".format(organization=organization, ) - actual = SystemPolicyV1Beta1Client.common_organization_path(organization) - assert expected == actual - - -def test_parse_common_organization_path(): - expected = { - "organization": "mussel", - } - path = SystemPolicyV1Beta1Client.common_organization_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_organization_path(path) - assert expected == actual - -def test_common_project_path(): - project = "winkle" - expected = "projects/{project}".format(project=project, ) - actual = SystemPolicyV1Beta1Client.common_project_path(project) - assert expected == actual - - -def test_parse_common_project_path(): - expected = { - "project": "nautilus", - } - path = SystemPolicyV1Beta1Client.common_project_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_project_path(path) - assert expected == actual - -def test_common_location_path(): - project = "scallop" - location = "abalone" - expected = "projects/{project}/locations/{location}".format(project=project, location=location, ) - actual = SystemPolicyV1Beta1Client.common_location_path(project, location) - assert expected == actual - - -def test_parse_common_location_path(): - expected = { - "project": "squid", - "location": "clam", - } - path = SystemPolicyV1Beta1Client.common_location_path(**expected) - - # Check that the path construction is reversible. - actual = SystemPolicyV1Beta1Client.parse_common_location_path(path) - assert expected == actual - - -def test_client_with_default_client_info(): - client_info = gapic_v1.client_info.ClientInfo() - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - - with mock.patch.object(transports.SystemPolicyV1Beta1Transport, '_prep_wrapped_messages') as prep: - transport_class = SystemPolicyV1Beta1Client.get_transport_class() - transport = transport_class( - credentials=ga_credentials.AnonymousCredentials(), - client_info=client_info, - ) - prep.assert_called_once_with(client_info) - -@pytest.mark.asyncio -async def test_transport_close_async(): - client = SystemPolicyV1Beta1AsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc_asyncio", - ) - with mock.patch.object(type(getattr(client.transport, "grpc_channel")), "close") as close: - async with client: - close.assert_not_called() - close.assert_called_once() - - -def test_transport_close(): - transports = { - "grpc": "_grpc_channel", - } - - for transport, close_name in transports.items(): - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - with mock.patch.object(type(getattr(client.transport, close_name)), "close") as close: - with client: - close.assert_not_called() - close.assert_called_once() - -def test_client_ctx(): - transports = [ - 'grpc', - ] - for transport in transports: - client = SystemPolicyV1Beta1Client( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport - ) - # Test client calls underlying transport. - with mock.patch.object(type(client.transport), "close") as close: - close.assert_not_called() - with client: - pass - close.assert_called() - -@pytest.mark.parametrize("client_class,transport_class", [ - (SystemPolicyV1Beta1Client, transports.SystemPolicyV1Beta1GrpcTransport), - (SystemPolicyV1Beta1AsyncClient, transports.SystemPolicyV1Beta1GrpcAsyncIOTransport), -]) -def test_api_key_credentials(client_class, transport_class): - with mock.patch.object( - google.auth._default, "get_api_key_credentials", create=True - ) as get_api_key_credentials: - mock_cred = mock.Mock() - get_api_key_credentials.return_value = mock_cred - options = client_options.ClientOptions() - options.api_key = "api_key" - with mock.patch.object(transport_class, "__init__") as patched: - patched.return_value = None - client = client_class(client_options=options) - patched.assert_called_once_with( - credentials=mock_cred, - credentials_file=None, - host=client.DEFAULT_ENDPOINT, - scopes=None, - client_cert_source_for_mtls=None, - quota_project_id=None, - client_info=transports.base.DEFAULT_CLIENT_INFO, - always_use_jwt_access=True, - api_audience=None, - ) diff --git a/testing/constraints-3.7.txt b/testing/constraints-3.7.txt index aca9f2d..6f3158c 100644 --- a/testing/constraints-3.7.txt +++ b/testing/constraints-3.7.txt @@ -4,8 +4,6 @@ # Pin the version to the lower bound. # e.g., if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0dev", # Then this file should have google-cloud-foo==1.14.0 -# This file is intentionally left empty to test the -# latest versions of dependencies. google-api-core==1.33.2 proto-plus==1.22.0 protobuf==3.19.5 From 339c761f90afa7192f7860f95a09bf21ba9c3047 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Mon, 21 Nov 2022 17:51:29 +0000 Subject: [PATCH 15/18] use templated owlbot.py --- docs/index.rst | 8 +- owlbot.py | 44 +- ...ippet_metadata_binaryauthorization_v1.json | 1465 ----------------- ..._metadata_binaryauthorization_v1beta1.json | 1312 --------------- 4 files changed, 34 insertions(+), 2795 deletions(-) delete mode 100644 samples/generated_samples/snippet_metadata_binaryauthorization_v1.json delete mode 100644 samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json diff --git a/docs/index.rst b/docs/index.rst index d55ac54..a05d77b 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -3,7 +3,8 @@ .. include:: multiprocessing.rst This package includes clients for multiple versions of Binary Authorization. -By default, you will get version ``v1``. +By default, you will get version ``binaryauthorization_v1``. + API Reference ------------- @@ -21,12 +22,13 @@ API Reference binaryauthorization_v1beta1/services binaryauthorization_v1beta1/types + Changelog --------- For a list of all ``google-cloud-binary-authorization`` releases: .. toctree:: - :maxdepth: 2 + :maxdepth: 2 - changelog \ No newline at end of file + changelog diff --git a/owlbot.py b/owlbot.py index 4b3d533..1549b30 100644 --- a/owlbot.py +++ b/owlbot.py @@ -1,10 +1,10 @@ -# Copyright 2020 Google LLC +# Copyright 2022 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -12,18 +12,32 @@ # See the License for the specific language governing permissions and # limitations under the License. -"""This script is used to synthesize generated parts of this library.""" +import json +from pathlib import Path +import shutil import synthtool as s import synthtool.gcp as gcp from synthtool.languages import python -common = gcp.CommonTemplates() +# ---------------------------------------------------------------------------- +# Copy the generated client from the owl-bot staging directory +# ---------------------------------------------------------------------------- -default_version = "v1" +clean_up_generated_samples = True + +# Load the default version defined in .repo-metadata.json. +default_version = json.load(open(".repo-metadata.json", "rt")).get( + "default_version" +) for library in s.get_staging_dirs(default_version): + if clean_up_generated_samples: + shutil.rmtree("samples/generated_samples", ignore_errors=True) + clean_up_generated_samples = False + # Rename package to 'google-cloud-binary-authorization' + # Remove once cl/490002122 is submitted s.replace( [library / "google/**/*.py", library / "tests/**/*.py"], "google-cloud-binaryauthorization", @@ -61,22 +75,22 @@ "grafeas.v1.attestation_pb2.AttestationOccurrence", "grafeas.grafeas_v1.types.attestation.AttestationOccurrence", ) - - s.move(library, excludes=["setup.py", "README.rst", "docs/index.rst"]) - + s.move(library, excludes=["setup.py", "**/gapic_version.py"]) s.remove_staging_dirs() # ---------------------------------------------------------------------------- # Add templated files # ---------------------------------------------------------------------------- -templated_files = common.py_library(cov_level=100, microgenerator=True) -python.py_samples(skip_readmes=True) -s.move( - templated_files, - excludes=[".coveragerc"], # the microgenerator has a good coveragerc file +templated_files = gcp.CommonTemplates().py_library( + cov_level=100, + microgenerator=True, + versions=gcp.common.detect_versions(path="./google", default_first=True), ) +s.move(templated_files, excludes=[".coveragerc", ".github/release-please.yml"]) -python.configure_previous_major_version_branches() +python.py_samples(skip_readmes=True) -s.shell.run(["nox", "-s", "blacken"], hide_output=False) +# run format session for all directories which have a noxfile +for noxfile in Path(".").glob("**/noxfile.py"): + s.shell.run(["nox", "-s", "blacken"], cwd=noxfile.parent, hide_output=False) diff --git a/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json b/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json deleted file mode 100644 index 5e15984..0000000 --- a/samples/generated_samples/snippet_metadata_binaryauthorization_v1.json +++ /dev/null @@ -1,1465 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1", - "version": "v1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient", - "shortName": "BinauthzManagementServiceV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client", - "shortName": "BinauthzManagementServiceV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.BinauthzManagementServiceV1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.BinauthzManagementServiceV1", - "shortName": "BinauthzManagementServiceV1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_BinauthzManagementServiceV1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_binauthz_management_service_v1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient", - "shortName": "SystemPolicyV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client", - "shortName": "SystemPolicyV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.SystemPolicyV1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.SystemPolicyV1", - "shortName": "SystemPolicyV1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_SystemPolicyV1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_system_policy_v1_get_system_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient", - "shortName": "ValidationHelperV1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1AsyncClient.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_async", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client", - "shortName": "ValidationHelperV1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1.ValidationHelperV1Client.validate_attestation_occurrence", - "method": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1.ValidateAttestationOccurrence", - "service": { - "fullName": "google.cloud.binaryauthorization.v1.ValidationHelperV1", - "shortName": "ValidationHelperV1" - }, - "shortName": "ValidateAttestationOccurrence" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1.types.ValidateAttestationOccurrenceResponse", - "shortName": "validate_attestation_occurrence" - }, - "description": "Sample for ValidateAttestationOccurrence", - "file": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1_generated_ValidationHelperV1_ValidateAttestationOccurrence_sync", - "segments": [ - { - "end": 53, - "start": 27, - "type": "FULL" - }, - { - "end": 53, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 47, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 50, - "start": 48, - "type": "REQUEST_EXECUTION" - }, - { - "end": 54, - "start": 51, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1_generated_validation_helper_v1_validate_attestation_occurrence_sync.py" - } - ] -} diff --git a/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json b/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json deleted file mode 100644 index e73dca4..0000000 --- a/samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json +++ /dev/null @@ -1,1312 +0,0 @@ -{ - "clientLibrary": { - "apis": [ - { - "id": "google.cloud.binaryauthorization.v1beta1", - "version": "v1beta1" - } - ], - "language": "PYTHON", - "name": "google-cloud-binaryauthorization" - }, - "snippets": [ - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_async", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.create_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.CreateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "CreateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.CreateAttestorRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "attestor_id", - "type": "str" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "create_attestor" - }, - "description": "Sample for CreateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_CreateAttestor_sync", - "segments": [ - { - "end": 57, - "start": 27, - "type": "FULL" - }, - { - "end": 57, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 51, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 54, - "start": 52, - "type": "REQUEST_EXECUTION" - }, - { - "end": 58, - "start": 55, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_create_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_async", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.delete_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.DeleteAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "DeleteAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.DeleteAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "shortName": "delete_attestor" - }, - "description": "Sample for DeleteAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_DeleteAttestor_sync", - "segments": [ - { - "end": 49, - "start": 27, - "type": "FULL" - }, - { - "end": 49, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 50, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_delete_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetAttestorRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "get_attestor" - }, - "description": "Sample for GetAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetAttestor_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.get_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.GetPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "GetPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_policy" - }, - "description": "Sample for GetPolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_GetPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_get_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsAsyncPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_async", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.list_attestors", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.ListAttestors", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "ListAttestors" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.ListAttestorsRequest" - }, - { - "name": "parent", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1.pagers.ListAttestorsPager", - "shortName": "list_attestors" - }, - "description": "Sample for ListAttestors", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_ListAttestors_sync", - "segments": [ - { - "end": 52, - "start": 27, - "type": "FULL" - }, - { - "end": 52, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 53, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_list_attestors_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_attestor", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdateAttestor", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdateAttestor" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdateAttestorRequest" - }, - { - "name": "attestor", - "type": "google.cloud.binaryauthorization_v1beta1.types.Attestor" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Attestor", - "shortName": "update_attestor" - }, - "description": "Sample for UpdateAttestor", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdateAttestor_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_attestor_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient", - "shortName": "BinauthzManagementServiceV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1AsyncClient.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_async", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client", - "shortName": "BinauthzManagementServiceV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.BinauthzManagementServiceV1Beta1Client.update_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1.UpdatePolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.BinauthzManagementServiceV1Beta1", - "shortName": "BinauthzManagementServiceV1Beta1" - }, - "shortName": "UpdatePolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.UpdatePolicyRequest" - }, - { - "name": "policy", - "type": "google.cloud.binaryauthorization_v1beta1.types.Policy" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "update_policy" - }, - "description": "Sample for UpdatePolicy", - "file": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_BinauthzManagementServiceV1Beta1_UpdatePolicy_sync", - "segments": [ - { - "end": 55, - "start": 27, - "type": "FULL" - }, - { - "end": 55, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 49, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 52, - "start": 50, - "type": "REQUEST_EXECUTION" - }, - { - "end": 56, - "start": 53, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_binauthz_management_service_v1_beta1_update_policy_sync.py" - }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient", - "shortName": "SystemPolicyV1Beta1AsyncClient" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1AsyncClient.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_async", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client", - "shortName": "SystemPolicyV1Beta1Client" - }, - "fullName": "google.cloud.binaryauthorization_v1beta1.SystemPolicyV1Beta1Client.get_system_policy", - "method": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1.GetSystemPolicy", - "service": { - "fullName": "google.cloud.binaryauthorization.v1beta1.SystemPolicyV1Beta1", - "shortName": "SystemPolicyV1Beta1" - }, - "shortName": "GetSystemPolicy" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.binaryauthorization_v1beta1.types.GetSystemPolicyRequest" - }, - { - "name": "name", - "type": "str" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.binaryauthorization_v1beta1.types.Policy", - "shortName": "get_system_policy" - }, - "description": "Sample for GetSystemPolicy", - "file": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "binaryauthorization_v1beta1_generated_SystemPolicyV1Beta1_GetSystemPolicy_sync", - "segments": [ - { - "end": 51, - "start": 27, - "type": "FULL" - }, - { - "end": 51, - "start": 27, - "type": "SHORT" - }, - { - "end": 40, - "start": 38, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 45, - "start": 41, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 48, - "start": 46, - "type": "REQUEST_EXECUTION" - }, - { - "end": 52, - "start": 49, - "type": "RESPONSE_HANDLING" - } - ], - "title": "binaryauthorization_v1beta1_generated_system_policy_v1_beta1_get_system_policy_sync.py" - } - ] -} From f8d032a33c4cc4c850f4ce88a84776f324eeb20c Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Mon, 21 Nov 2022 17:57:39 +0000 Subject: [PATCH 16/18] use templated setup.py --- .github/release-please.yml | 1 + .../binaryauthorization/gapic_version.py | 2 +- release-please-config.json | 10 --- setup.py | 74 +++++++++++++------ 4 files changed, 52 insertions(+), 35 deletions(-) diff --git a/.github/release-please.yml b/.github/release-please.yml index 6def37a..e9a4f00 100644 --- a/.github/release-please.yml +++ b/.github/release-please.yml @@ -1,5 +1,6 @@ releaseType: python handleGHRelease: true +manifest: true # NOTE: this section is generated by synthtool.languages.python # See https://github.com/googleapis/synthtool/blob/master/synthtool/languages/python.py branches: diff --git a/google/cloud/binaryauthorization/gapic_version.py b/google/cloud/binaryauthorization/gapic_version.py index 35859c3..e370372 100644 --- a/google/cloud/binaryauthorization/gapic_version.py +++ b/google/cloud/binaryauthorization/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "0.1.0" +__version__ = "1.3.3" # {x-release-please-version} diff --git a/release-please-config.json b/release-please-config.json index 77a180c..c81cf44 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -10,20 +10,10 @@ "path": "samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1.json", "jsonpath": "$.clientLibrary.version" }, - { - "type": "json", - "path": "samples/generated_samples/snippet_metadata_binaryauthorization_v1.json", - "jsonpath": "$.clientLibrary.version" - }, { "type": "json", "path": "samples/generated_samples/snippet_metadata_google.cloud.binaryauthorization.v1beta1.json", "jsonpath": "$.clientLibrary.version" - }, - { - "type": "json", - "path": "samples/generated_samples/snippet_metadata_binaryauthorization_v1beta1.json", - "jsonpath": "$.clientLibrary.version" } ] } diff --git a/setup.py b/setup.py index 94a5072..9190b9a 100644 --- a/setup.py +++ b/setup.py @@ -1,6 +1,5 @@ # -*- coding: utf-8 -*- - -# Copyright 2020 Google LLC +# Copyright 2022 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,13 +13,37 @@ # See the License for the specific language governing permissions and # limitations under the License. # - import io import os import setuptools # type: ignore -version = "1.3.3" +package_root = os.path.abspath(os.path.dirname(__file__)) + +name = "google-cloud-binary-authorization" + + +description = "Google Cloud Binaryauthorization API client library" + +version = {} +with open( + os.path.join(package_root, "google/cloud/binaryauthorization/gapic_version.py") +) as fp: + exec(fp.read(), version) +version = version["__version__"] + +if version[0] == "0": + release_status = "Development Status :: 4 - Beta" +else: + release_status = "Development Status :: 5 - Production/Stable" + +dependencies = [ + "google-api-core[grpc] >= 1.33.2, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", + "proto-plus >= 1.22.0, <2.0.0dev", + "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", + "grafeas >= 1.1.2, <2.0dev", +] +url = "https://github.com/googleapis/python-binary-authorization" package_root = os.path.abspath(os.path.dirname(__file__)) @@ -28,40 +51,43 @@ with io.open(readme_filename, encoding="utf-8") as readme_file: readme = readme_file.read() +packages = [ + package + for package in setuptools.PEP420PackageFinder.find() + if package.startswith("google") +] + +namespaces = ["google"] +if "google.cloud" in packages: + namespaces.append("google.cloud") setuptools.setup( - name="google-cloud-binary-authorization", + name=name, version=version, + description=description, long_description=readme, author="Google LLC", author_email="googleapis-packages@google.com", license="Apache 2.0", - url="https://github.com/googleapis/python-binary-authorization", - packages=[ - package - for package in setuptools.PEP420PackageFinder.find() - if package.startswith("google") - ], - namespace_packages=("google", "google.cloud"), - platforms="Posix; MacOS X; Windows", - include_package_data=True, - install_requires=( - "google-api-core[grpc] >= 1.32.0, <3.0.0dev,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*", - "proto-plus >= 1.22.0, <2.0.0dev", - "protobuf>=3.19.5,<5.0.0dev,!=3.20.0,!=3.20.1,!=4.21.0,!=4.21.1,!=4.21.2,!=4.21.3,!=4.21.4,!=4.21.5", - "grafeas >= 1.1.2, <2.0dev", - ), - python_requires=">=3.7", + url=url, classifiers=[ - "Development Status :: 5 - Production/Stable", + release_status, "Intended Audience :: Developers", - "Operating System :: OS Independent", + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python", + "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", + "Operating System :: OS Independent", "Topic :: Internet", - "Topic :: Software Development :: Libraries :: Python Modules", ], + platforms="Posix; MacOS X; Windows", + packages=packages, + python_requires=">=3.7", + namespace_packages=namespaces, + install_requires=dependencies, + include_package_data=True, zip_safe=False, ) From 36ffa0ccd7d7e5d41bab5c00bc66505cda1c8825 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Mon, 21 Nov 2022 18:01:02 +0000 Subject: [PATCH 17/18] run nox format session --- docs/conf.py | 2 +- google/cloud/binaryauthorization/__init__.py | 47 ++++++++--------- .../cloud/binaryauthorization_v1/__init__.py | 52 ++++++++++--------- .../__init__.py | 2 +- .../async_client.py | 15 +++--- .../binauthz_management_service_v1/client.py | 13 ++--- .../binauthz_management_service_v1/pagers.py | 7 ++- .../transports/__init__.py | 1 - .../transports/base.py | 9 ++-- .../transports/grpc.py | 14 +++-- .../transports/grpc_asyncio.py | 14 +++-- .../services/system_policy_v1/__init__.py | 2 +- .../services/system_policy_v1/async_client.py | 13 ++--- .../services/system_policy_v1/client.py | 11 ++-- .../system_policy_v1/transports/__init__.py | 1 - .../system_policy_v1/transports/base.py | 7 ++- .../system_policy_v1/transports/grpc.py | 12 ++--- .../transports/grpc_asyncio.py | 12 ++--- .../services/validation_helper_v1/__init__.py | 2 +- .../validation_helper_v1/async_client.py | 9 ++-- .../services/validation_helper_v1/client.py | 7 +-- .../transports/__init__.py | 1 - .../validation_helper_v1/transports/base.py | 4 +- .../validation_helper_v1/transports/grpc.py | 9 ++-- .../transports/grpc_asyncio.py | 9 ++-- .../binaryauthorization_v1/types/resources.py | 4 +- .../binaryauthorization_v1/types/service.py | 3 +- .../binaryauthorization_v1beta1/__init__.py | 45 ++++++++-------- .../__init__.py | 2 +- .../async_client.py | 15 +++--- .../client.py | 13 ++--- .../pagers.py | 7 ++- .../transports/__init__.py | 1 - .../transports/base.py | 9 ++-- .../transports/grpc.py | 14 +++-- .../transports/grpc_asyncio.py | 14 +++-- .../system_policy_v1_beta1/__init__.py | 2 +- .../system_policy_v1_beta1/async_client.py | 13 ++--- .../services/system_policy_v1_beta1/client.py | 11 ++-- .../transports/__init__.py | 1 - .../system_policy_v1_beta1/transports/base.py | 7 ++- .../system_policy_v1_beta1/transports/grpc.py | 12 ++--- .../transports/grpc_asyncio.py | 12 ++--- .../types/__init__.py | 4 +- .../types/continuous_validation_logging.py | 4 +- .../types/resources.py | 4 +- .../types/service.py | 1 - noxfile.py | 1 + owlbot.py | 2 +- .../test_binauthz_management_service_v1.py | 31 ++++------- .../test_system_policy_v1.py | 29 +++++------ .../test_validation_helper_v1.py | 28 +++++----- ...st_binauthz_management_service_v1_beta1.py | 31 ++++------- .../test_system_policy_v1_beta1.py | 29 ++++------- 54 files changed, 283 insertions(+), 341 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index 3551c21..f3875f9 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -24,9 +24,9 @@ # All configuration values have a default; values that are commented out # serve to show the default. -import sys import os import shlex +import sys # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the diff --git a/google/cloud/binaryauthorization/__init__.py b/google/cloud/binaryauthorization/__init__.py index 213cf5e..52abbc0 100644 --- a/google/cloud/binaryauthorization/__init__.py +++ b/google/cloud/binaryauthorization/__init__.py @@ -18,47 +18,44 @@ __version__ = package_version.__version__ -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import ( - BinauthzManagementServiceV1Client, -) from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.async_client import ( BinauthzManagementServiceV1AsyncClient, ) -from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import ( - SystemPolicyV1Client, +from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1.client import ( + BinauthzManagementServiceV1Client, ) from google.cloud.binaryauthorization_v1.services.system_policy_v1.async_client import ( SystemPolicyV1AsyncClient, ) -from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ( - ValidationHelperV1Client, +from google.cloud.binaryauthorization_v1.services.system_policy_v1.client import ( + SystemPolicyV1Client, ) from google.cloud.binaryauthorization_v1.services.validation_helper_v1.async_client import ( ValidationHelperV1AsyncClient, ) - -from google.cloud.binaryauthorization_v1.types.resources import AdmissionRule +from google.cloud.binaryauthorization_v1.services.validation_helper_v1.client import ( + ValidationHelperV1Client, +) from google.cloud.binaryauthorization_v1.types.resources import ( + AdmissionRule, AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedGrafeasNote, ) -from google.cloud.binaryauthorization_v1.types.resources import Attestor -from google.cloud.binaryauthorization_v1.types.resources import AttestorPublicKey -from google.cloud.binaryauthorization_v1.types.resources import PkixPublicKey -from google.cloud.binaryauthorization_v1.types.resources import Policy -from google.cloud.binaryauthorization_v1.types.resources import UserOwnedGrafeasNote -from google.cloud.binaryauthorization_v1.types.service import CreateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import DeleteAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import GetPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import GetSystemPolicyRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsRequest -from google.cloud.binaryauthorization_v1.types.service import ListAttestorsResponse -from google.cloud.binaryauthorization_v1.types.service import UpdateAttestorRequest -from google.cloud.binaryauthorization_v1.types.service import UpdatePolicyRequest from google.cloud.binaryauthorization_v1.types.service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, ValidateAttestationOccurrenceRequest, -) -from google.cloud.binaryauthorization_v1.types.service import ( ValidateAttestationOccurrenceResponse, ) diff --git a/google/cloud/binaryauthorization_v1/__init__.py b/google/cloud/binaryauthorization_v1/__init__.py index cf359a9..a4b47c1 100644 --- a/google/cloud/binaryauthorization_v1/__init__.py +++ b/google/cloud/binaryauthorization_v1/__init__.py @@ -18,33 +18,37 @@ __version__ = package_version.__version__ -from .services.binauthz_management_service_v1 import BinauthzManagementServiceV1Client from .services.binauthz_management_service_v1 import ( BinauthzManagementServiceV1AsyncClient, + BinauthzManagementServiceV1Client, +) +from .services.system_policy_v1 import SystemPolicyV1AsyncClient, SystemPolicyV1Client +from .services.validation_helper_v1 import ( + ValidationHelperV1AsyncClient, + ValidationHelperV1Client, +) +from .types.resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedGrafeasNote, +) +from .types.service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, + ValidateAttestationOccurrenceRequest, + ValidateAttestationOccurrenceResponse, ) -from .services.system_policy_v1 import SystemPolicyV1Client -from .services.system_policy_v1 import SystemPolicyV1AsyncClient -from .services.validation_helper_v1 import ValidationHelperV1Client -from .services.validation_helper_v1 import ValidationHelperV1AsyncClient - -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedGrafeasNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest -from .types.service import ValidateAttestationOccurrenceRequest -from .types.service import ValidateAttestationOccurrenceResponse __all__ = ( "BinauthzManagementServiceV1AsyncClient", diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py index cb4f207..098c3c4 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/__init__.py @@ -13,8 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # -from .client import BinauthzManagementServiceV1Client from .async_client import BinauthzManagementServiceV1AsyncClient +from .client import BinauthzManagementServiceV1Client __all__ = ( "BinauthzManagementServiceV1Client", diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py index 43fce1c..9f9e820 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/async_client.py @@ -27,29 +27,30 @@ Type, Union, ) -import pkg_resources -from google.api_core.client_options import ClientOptions from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +from google.api_core.client_options import ClientOptions from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore + from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import ( pagers, ) -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport +from google.cloud.binaryauthorization_v1.types import resources, service + from .client import BinauthzManagementServiceV1Client +from .transports.base import DEFAULT_CLIENT_INFO, BinauthzManagementServiceV1Transport +from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport class BinauthzManagementServiceV1AsyncClient: diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py index 689c3b8..c88c0b0 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/client.py @@ -28,30 +28,31 @@ Union, cast, ) -import pkg_resources from google.api_core import client_options as client_options_lib from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries from google.auth import credentials as ga_credentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.auth.transport import mtls # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore + from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import ( pagers, ) -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1.types import resources, service + +from .transports.base import DEFAULT_CLIENT_INFO, BinauthzManagementServiceV1Transport from .transports.grpc import BinauthzManagementServiceV1GrpcTransport from .transports.grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py index 8bf9786..b3ea5d9 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/pagers.py @@ -18,14 +18,13 @@ AsyncIterator, Awaitable, Callable, + Iterator, + Optional, Sequence, Tuple, - Optional, - Iterator, ) -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service +from google.cloud.binaryauthorization_v1.types import resources, service class ListAttestorsPager: diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py index f5730ee..4f62838 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/__init__.py @@ -20,7 +20,6 @@ from .grpc import BinauthzManagementServiceV1GrpcTransport from .grpc_asyncio import BinauthzManagementServiceV1GrpcAsyncIOTransport - # Compile a registry of transports. _transport_registry = ( OrderedDict() diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py index a2bc518..bd2258e 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/base.py @@ -15,19 +15,18 @@ # import abc from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources -import google.auth # type: ignore import google.api_core from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service from google.protobuf import empty_pb2 # type: ignore +import pkg_resources + +from google.cloud.binaryauthorization_v1.types import resources, service try: DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py index 5518ec2..baf0fda 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc.py @@ -13,21 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 +from google.api_core import gapic_v1, grpc_helpers import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - +from google.protobuf import empty_pb2 # type: ignore import grpc # type: ignore -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, BinauthzManagementServiceV1Transport class BinauthzManagementServiceV1GrpcTransport(BinauthzManagementServiceV1Transport): diff --git a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py index d889b73..8e69dde 100644 --- a/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1/services/binauthz_management_service_v1/transports/grpc_asyncio.py @@ -13,21 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async +from google.api_core import gapic_v1, grpc_helpers_async from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - +from google.protobuf import empty_pb2 # type: ignore import grpc # type: ignore from grpc.experimental import aio # type: ignore -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, BinauthzManagementServiceV1Transport from .grpc import BinauthzManagementServiceV1GrpcTransport diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py index 9d04ee9..baf062f 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/__init__.py @@ -13,8 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # -from .client import SystemPolicyV1Client from .async_client import SystemPolicyV1AsyncClient +from .client import SystemPolicyV1Client __all__ = ( "SystemPolicyV1Client", diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py index 9031285..8229320 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/async_client.py @@ -27,26 +27,27 @@ Type, Union, ) -import pkg_resources -from google.api_core.client_options import ClientOptions from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +from google.api_core.client_options import ClientOptions from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport + +from google.cloud.binaryauthorization_v1.types import resources, service + from .client import SystemPolicyV1Client +from .transports.base import DEFAULT_CLIENT_INFO, SystemPolicyV1Transport +from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport class SystemPolicyV1AsyncClient: diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py index 7d34526..6340a90 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/client.py @@ -28,27 +28,28 @@ Union, cast, ) -import pkg_resources from google.api_core import client_options as client_options_lib from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries from google.auth import credentials as ga_credentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.auth.transport import mtls # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO + +from google.cloud.binaryauthorization_v1.types import resources, service + +from .transports.base import DEFAULT_CLIENT_INFO, SystemPolicyV1Transport from .transports.grpc import SystemPolicyV1GrpcTransport from .transports.grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py index 991750c..d136089 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/__init__.py @@ -20,7 +20,6 @@ from .grpc import SystemPolicyV1GrpcTransport from .grpc_asyncio import SystemPolicyV1GrpcAsyncIOTransport - # Compile a registry of transports. _transport_registry = OrderedDict() # type: Dict[str, Type[SystemPolicyV1Transport]] _transport_registry["grpc"] = SystemPolicyV1GrpcTransport diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py index f057356..19f4f14 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/base.py @@ -15,18 +15,17 @@ # import abc from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources -import google.auth # type: ignore import google.api_core from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service +from google.cloud.binaryauthorization_v1.types import resources, service try: DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py index 6eaf4a7..59aa689 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc.py @@ -13,20 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 +from google.api_core import gapic_v1, grpc_helpers import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - import grpc # type: ignore -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, SystemPolicyV1Transport class SystemPolicyV1GrpcTransport(SystemPolicyV1Transport): diff --git a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py index cfeaa7c..61ed6c7 100644 --- a/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1/services/system_policy_v1/transports/grpc_asyncio.py @@ -13,20 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async +from google.api_core import gapic_v1, grpc_helpers_async from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - import grpc # type: ignore from grpc.experimental import aio # type: ignore -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from .base import SystemPolicyV1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, SystemPolicyV1Transport from .grpc import SystemPolicyV1GrpcTransport diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py index 699db16..ea286c6 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/__init__.py @@ -13,8 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # -from .client import ValidationHelperV1Client from .async_client import ValidationHelperV1AsyncClient +from .client import ValidationHelperV1Client __all__ = ( "ValidationHelperV1Client", diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py index 5ebbcd2..6dbde77 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/async_client.py @@ -27,14 +27,14 @@ Type, Union, ) -import pkg_resources -from google.api_core.client_options import ClientOptions from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +from google.api_core.client_options import ClientOptions from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] @@ -42,9 +42,10 @@ OptionalRetry = Union[retries.Retry, object] # type: ignore from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport + from .client import ValidationHelperV1Client +from .transports.base import DEFAULT_CLIENT_INFO, ValidationHelperV1Transport +from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport class ValidationHelperV1AsyncClient: diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py index 6c7742d..ad09622 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/client.py @@ -28,17 +28,17 @@ Union, cast, ) -import pkg_resources from google.api_core import client_options as client_options_lib from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries from google.auth import credentials as ga_credentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.auth.transport import mtls # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] @@ -46,7 +46,8 @@ OptionalRetry = Union[retries.Retry, object] # type: ignore from google.cloud.binaryauthorization_v1.types import service -from .transports.base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + +from .transports.base import DEFAULT_CLIENT_INFO, ValidationHelperV1Transport from .transports.grpc import ValidationHelperV1GrpcTransport from .transports.grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py index 22a9059..f7b1990 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/__init__.py @@ -20,7 +20,6 @@ from .grpc import ValidationHelperV1GrpcTransport from .grpc_asyncio import ValidationHelperV1GrpcAsyncIOTransport - # Compile a registry of transports. _transport_registry = ( OrderedDict() diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py index 277a5c6..c499205 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/base.py @@ -15,15 +15,15 @@ # import abc from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources -import google.auth # type: ignore import google.api_core from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources from google.cloud.binaryauthorization_v1.types import service diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py index d828bbd..0b3dcf8 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc.py @@ -13,19 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 +from google.api_core import gapic_v1, grpc_helpers import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - import grpc # type: ignore from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + +from .base import DEFAULT_CLIENT_INFO, ValidationHelperV1Transport class ValidationHelperV1GrpcTransport(ValidationHelperV1Transport): diff --git a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py index 629bcf2..75a20c1 100644 --- a/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1/services/validation_helper_v1/transports/grpc_asyncio.py @@ -13,19 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async +from google.api_core import gapic_v1, grpc_helpers_async from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - import grpc # type: ignore from grpc.experimental import aio # type: ignore from google.cloud.binaryauthorization_v1.types import service -from .base import ValidationHelperV1Transport, DEFAULT_CLIENT_INFO + +from .base import DEFAULT_CLIENT_INFO, ValidationHelperV1Transport from .grpc import ValidationHelperV1GrpcTransport diff --git a/google/cloud/binaryauthorization_v1/types/resources.py b/google/cloud/binaryauthorization_v1/types/resources.py index 2a84fbe..92294ca 100644 --- a/google/cloud/binaryauthorization_v1/types/resources.py +++ b/google/cloud/binaryauthorization_v1/types/resources.py @@ -15,10 +15,8 @@ # from typing import MutableMapping, MutableSequence -import proto # type: ignore - from google.protobuf import timestamp_pb2 # type: ignore - +import proto # type: ignore __protobuf__ = proto.module( package="google.cloud.binaryauthorization.v1", diff --git a/google/cloud/binaryauthorization_v1/types/service.py b/google/cloud/binaryauthorization_v1/types/service.py index 5449034..3d9873e 100644 --- a/google/cloud/binaryauthorization_v1/types/service.py +++ b/google/cloud/binaryauthorization_v1/types/service.py @@ -15,11 +15,10 @@ # from typing import MutableMapping, MutableSequence +from grafeas.grafeas_v1.types import attestation # type: ignore import proto # type: ignore from google.cloud.binaryauthorization_v1.types import resources -from grafeas.grafeas_v1.types import attestation # type: ignore - __protobuf__ = proto.module( package="google.cloud.binaryauthorization.v1", diff --git a/google/cloud/binaryauthorization_v1beta1/__init__.py b/google/cloud/binaryauthorization_v1beta1/__init__.py index c9e78fc..bf3e972 100644 --- a/google/cloud/binaryauthorization_v1beta1/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/__init__.py @@ -19,31 +19,34 @@ from .services.binauthz_management_service_v1_beta1 import ( + BinauthzManagementServiceV1Beta1AsyncClient, BinauthzManagementServiceV1Beta1Client, ) -from .services.binauthz_management_service_v1_beta1 import ( - BinauthzManagementServiceV1Beta1AsyncClient, +from .services.system_policy_v1_beta1 import ( + SystemPolicyV1Beta1AsyncClient, + SystemPolicyV1Beta1Client, ) -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1Client -from .services.system_policy_v1_beta1 import SystemPolicyV1Beta1AsyncClient - from .types.continuous_validation_logging import ContinuousValidationEvent -from .types.resources import AdmissionRule -from .types.resources import AdmissionWhitelistPattern -from .types.resources import Attestor -from .types.resources import AttestorPublicKey -from .types.resources import PkixPublicKey -from .types.resources import Policy -from .types.resources import UserOwnedDrydockNote -from .types.service import CreateAttestorRequest -from .types.service import DeleteAttestorRequest -from .types.service import GetAttestorRequest -from .types.service import GetPolicyRequest -from .types.service import GetSystemPolicyRequest -from .types.service import ListAttestorsRequest -from .types.service import ListAttestorsResponse -from .types.service import UpdateAttestorRequest -from .types.service import UpdatePolicyRequest +from .types.resources import ( + AdmissionRule, + AdmissionWhitelistPattern, + Attestor, + AttestorPublicKey, + PkixPublicKey, + Policy, + UserOwnedDrydockNote, +) +from .types.service import ( + CreateAttestorRequest, + DeleteAttestorRequest, + GetAttestorRequest, + GetPolicyRequest, + GetSystemPolicyRequest, + ListAttestorsRequest, + ListAttestorsResponse, + UpdateAttestorRequest, + UpdatePolicyRequest, +) __all__ = ( "BinauthzManagementServiceV1Beta1AsyncClient", diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py index 6e7af7c..40e7346 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/__init__.py @@ -13,8 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # -from .client import BinauthzManagementServiceV1Beta1Client from .async_client import BinauthzManagementServiceV1Beta1AsyncClient +from .client import BinauthzManagementServiceV1Beta1Client __all__ = ( "BinauthzManagementServiceV1Beta1Client", diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py index 470d14b..11d7945 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/async_client.py @@ -27,34 +27,35 @@ Type, Union, ) -import pkg_resources -from google.api_core.client_options import ClientOptions from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +from google.api_core.client_options import ClientOptions from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore + from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import ( pagers, ) -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore +from google.cloud.binaryauthorization_v1beta1.types import resources, service + +from .client import BinauthzManagementServiceV1Beta1Client from .transports.base import ( - BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO, + BinauthzManagementServiceV1Beta1Transport, ) from .transports.grpc_asyncio import ( BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport, ) -from .client import BinauthzManagementServiceV1Beta1Client class BinauthzManagementServiceV1Beta1AsyncClient: diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py index 1a784a5..ef780e2 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/client.py @@ -28,32 +28,33 @@ Union, cast, ) -import pkg_resources from google.api_core import client_options as client_options_lib from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries from google.auth import credentials as ga_credentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.auth.transport import mtls # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore +from google.protobuf import timestamp_pb2 # type: ignore + from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import ( pagers, ) -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import timestamp_pb2 # type: ignore +from google.cloud.binaryauthorization_v1beta1.types import resources, service + from .transports.base import ( - BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO, + BinauthzManagementServiceV1Beta1Transport, ) from .transports.grpc import BinauthzManagementServiceV1Beta1GrpcTransport from .transports.grpc_asyncio import ( diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py index cc8d97b..066e4a6 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/pagers.py @@ -18,14 +18,13 @@ AsyncIterator, Awaitable, Callable, + Iterator, + Optional, Sequence, Tuple, - Optional, - Iterator, ) -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service +from google.cloud.binaryauthorization_v1beta1.types import resources, service class ListAttestorsPager: diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py index 19d288a..407a4a5 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/__init__.py @@ -20,7 +20,6 @@ from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport from .grpc_asyncio import BinauthzManagementServiceV1Beta1GrpcAsyncIOTransport - # Compile a registry of transports. _transport_registry = ( OrderedDict() diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py index 00a3365..2cd1fac 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/base.py @@ -15,19 +15,18 @@ # import abc from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources -import google.auth # type: ignore import google.api_core from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore - -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service from google.protobuf import empty_pb2 # type: ignore +import pkg_resources + +from google.cloud.binaryauthorization_v1beta1.types import resources, service try: DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py index 7d9a61d..4af92bd 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc.py @@ -13,21 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 +from google.api_core import gapic_v1, grpc_helpers import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - +from google.protobuf import empty_pb2 # type: ignore import grpc # type: ignore -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1beta1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, BinauthzManagementServiceV1Beta1Transport class BinauthzManagementServiceV1Beta1GrpcTransport( diff --git a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py index c0dde78..edb10c1 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1beta1/services/binauthz_management_service_v1_beta1/transports/grpc_asyncio.py @@ -13,21 +13,19 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async +from google.api_core import gapic_v1, grpc_helpers_async from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - +from google.protobuf import empty_pb2 # type: ignore import grpc # type: ignore from grpc.experimental import aio # type: ignore -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.protobuf import empty_pb2 # type: ignore -from .base import BinauthzManagementServiceV1Beta1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1beta1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, BinauthzManagementServiceV1Beta1Transport from .grpc import BinauthzManagementServiceV1Beta1GrpcTransport diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py index a248343..0760b52 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/__init__.py @@ -13,8 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # -from .client import SystemPolicyV1Beta1Client from .async_client import SystemPolicyV1Beta1AsyncClient +from .client import SystemPolicyV1Beta1Client __all__ = ( "SystemPolicyV1Beta1Client", diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py index 0357395..7e56b8d 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/async_client.py @@ -27,26 +27,27 @@ Type, Union, ) -import pkg_resources -from google.api_core.client_options import ClientOptions from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +from google.api_core.client_options import ClientOptions from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO -from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport + +from google.cloud.binaryauthorization_v1beta1.types import resources, service + from .client import SystemPolicyV1Beta1Client +from .transports.base import DEFAULT_CLIENT_INFO, SystemPolicyV1Beta1Transport +from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport class SystemPolicyV1Beta1AsyncClient: diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py index 0599c8b..735adf9 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/client.py @@ -28,27 +28,28 @@ Union, cast, ) -import pkg_resources from google.api_core import client_options as client_options_lib from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries from google.auth import credentials as ga_credentials # type: ignore +from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.auth.transport import mtls # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore -from google.auth.exceptions import MutualTLSChannelError # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources try: OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] except AttributeError: # pragma: NO COVER OptionalRetry = Union[retries.Retry, object] # type: ignore -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service from google.protobuf import timestamp_pb2 # type: ignore -from .transports.base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO + +from google.cloud.binaryauthorization_v1beta1.types import resources, service + +from .transports.base import DEFAULT_CLIENT_INFO, SystemPolicyV1Beta1Transport from .transports.grpc import SystemPolicyV1Beta1GrpcTransport from .transports.grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py index ee82c9f..31c6c6c 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/__init__.py @@ -20,7 +20,6 @@ from .grpc import SystemPolicyV1Beta1GrpcTransport from .grpc_asyncio import SystemPolicyV1Beta1GrpcAsyncIOTransport - # Compile a registry of transports. _transport_registry = ( OrderedDict() diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py index 494c249..dc8fb44 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/base.py @@ -15,18 +15,17 @@ # import abc from typing import Awaitable, Callable, Dict, Optional, Sequence, Union -import pkg_resources -import google.auth # type: ignore import google.api_core from google.api_core import exceptions as core_exceptions from google.api_core import gapic_v1 from google.api_core import retry as retries +import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.oauth2 import service_account # type: ignore +import pkg_resources -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service +from google.cloud.binaryauthorization_v1beta1.types import resources, service try: DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py index 7412b39..2a9e3f2 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc.py @@ -13,20 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import grpc_helpers -from google.api_core import gapic_v1 +from google.api_core import gapic_v1, grpc_helpers import google.auth # type: ignore from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - import grpc # type: ignore -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1beta1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, SystemPolicyV1Beta1Transport class SystemPolicyV1Beta1GrpcTransport(SystemPolicyV1Beta1Transport): diff --git a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py index 4ad40a2..fc122e9 100644 --- a/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py +++ b/google/cloud/binaryauthorization_v1beta1/services/system_policy_v1_beta1/transports/grpc_asyncio.py @@ -13,20 +13,18 @@ # See the License for the specific language governing permissions and # limitations under the License. # -import warnings from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union +import warnings -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers_async +from google.api_core import gapic_v1, grpc_helpers_async from google.auth import credentials as ga_credentials # type: ignore from google.auth.transport.grpc import SslCredentials # type: ignore - import grpc # type: ignore from grpc.experimental import aio # type: ignore -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from .base import SystemPolicyV1Beta1Transport, DEFAULT_CLIENT_INFO +from google.cloud.binaryauthorization_v1beta1.types import resources, service + +from .base import DEFAULT_CLIENT_INFO, SystemPolicyV1Beta1Transport from .grpc import SystemPolicyV1Beta1GrpcTransport diff --git a/google/cloud/binaryauthorization_v1beta1/types/__init__.py b/google/cloud/binaryauthorization_v1beta1/types/__init__.py index 25e8b6c..30b8ea4 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/__init__.py +++ b/google/cloud/binaryauthorization_v1beta1/types/__init__.py @@ -13,9 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # -from .continuous_validation_logging import ( - ContinuousValidationEvent, -) +from .continuous_validation_logging import ContinuousValidationEvent from .resources import ( AdmissionRule, AdmissionWhitelistPattern, diff --git a/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py b/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py index e470ba6..0c00a48 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py +++ b/google/cloud/binaryauthorization_v1beta1/types/continuous_validation_logging.py @@ -15,10 +15,8 @@ # from typing import MutableMapping, MutableSequence -import proto # type: ignore - from google.protobuf import timestamp_pb2 # type: ignore - +import proto # type: ignore __protobuf__ = proto.module( package="google.cloud.binaryauthorization.v1beta1", diff --git a/google/cloud/binaryauthorization_v1beta1/types/resources.py b/google/cloud/binaryauthorization_v1beta1/types/resources.py index 76aeffa..3b88e73 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/resources.py +++ b/google/cloud/binaryauthorization_v1beta1/types/resources.py @@ -15,10 +15,8 @@ # from typing import MutableMapping, MutableSequence -import proto # type: ignore - from google.protobuf import timestamp_pb2 # type: ignore - +import proto # type: ignore __protobuf__ = proto.module( package="google.cloud.binaryauthorization.v1beta1", diff --git a/google/cloud/binaryauthorization_v1beta1/types/service.py b/google/cloud/binaryauthorization_v1beta1/types/service.py index 51f8481..b20e6e1 100644 --- a/google/cloud/binaryauthorization_v1beta1/types/service.py +++ b/google/cloud/binaryauthorization_v1beta1/types/service.py @@ -19,7 +19,6 @@ from google.cloud.binaryauthorization_v1beta1.types import resources - __protobuf__ = proto.module( package="google.cloud.binaryauthorization.v1beta1", manifest={ diff --git a/noxfile.py b/noxfile.py index d752b54..d8440c0 100644 --- a/noxfile.py +++ b/noxfile.py @@ -17,6 +17,7 @@ # Generated by synthtool. DO NOT EDIT! from __future__ import absolute_import + import os import pathlib import re diff --git a/owlbot.py b/owlbot.py index 1549b30..105dd3f 100644 --- a/owlbot.py +++ b/owlbot.py @@ -93,4 +93,4 @@ # run format session for all directories which have a noxfile for noxfile in Path(".").glob("**/noxfile.py"): - s.shell.run(["nox", "-s", "blacken"], cwd=noxfile.parent, hide_output=False) + s.shell.run(["nox", "-s", "format"], cwd=noxfile.parent, hide_output=False) diff --git a/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py b/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py index d39660e..83b869e 100644 --- a/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py +++ b/tests/unit/gapic/binaryauthorization_v1/test_binauthz_management_service_v1.py @@ -22,38 +22,29 @@ except ImportError: # pragma: NO COVER import mock -import grpc -from grpc.experimental import aio import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers +from google.api_core import gapic_v1, grpc_helpers, grpc_helpers_async, path_template from google.api_core import client_options from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template +import google.auth from google.auth import credentials as ga_credentials from google.auth.exceptions import MutualTLSChannelError +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import grpc +from grpc.experimental import aio +from proto.marshal.rules import wrappers +from proto.marshal.rules.dates import DurationRule, TimestampRule +import pytest + from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import ( BinauthzManagementServiceV1AsyncClient, -) -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import ( BinauthzManagementServiceV1Client, -) -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import ( pagers, -) -from google.cloud.binaryauthorization_v1.services.binauthz_management_service_v1 import ( transports, ) -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth +from google.cloud.binaryauthorization_v1.types import resources, service def client_cert_source_callback(): diff --git a/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py b/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py index 6434861..5bc9fe8 100644 --- a/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py +++ b/tests/unit/gapic/binaryauthorization_v1/test_system_policy_v1.py @@ -22,33 +22,28 @@ except ImportError: # pragma: NO COVER import mock -import grpc -from grpc.experimental import aio import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers +from google.api_core import gapic_v1, grpc_helpers, grpc_helpers_async, path_template from google.api_core import client_options from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template +import google.auth from google.auth import credentials as ga_credentials from google.auth.exceptions import MutualTLSChannelError +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import grpc +from grpc.experimental import aio +from proto.marshal.rules import wrappers +from proto.marshal.rules.dates import DurationRule, TimestampRule +import pytest + from google.cloud.binaryauthorization_v1.services.system_policy_v1 import ( SystemPolicyV1AsyncClient, -) -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import ( SystemPolicyV1Client, + transports, ) -from google.cloud.binaryauthorization_v1.services.system_policy_v1 import transports -from google.cloud.binaryauthorization_v1.types import resources -from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth +from google.cloud.binaryauthorization_v1.types import resources, service def client_cert_source_callback(): diff --git a/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py index 0589a7d..a8be55f 100644 --- a/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py +++ b/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py @@ -22,33 +22,29 @@ except ImportError: # pragma: NO COVER import mock -import grpc -from grpc.experimental import aio import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers +from google.api_core import gapic_v1, grpc_helpers, grpc_helpers_async, path_template from google.api_core import client_options from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template +import google.auth from google.auth import credentials as ga_credentials from google.auth.exceptions import MutualTLSChannelError +from google.oauth2 import service_account +from grafeas.grafeas_v1.types import attestation # type: ignore +from grafeas.grafeas_v1.types import common # type: ignore +import grpc +from grpc.experimental import aio +from proto.marshal.rules import wrappers +from proto.marshal.rules.dates import DurationRule, TimestampRule +import pytest + from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ( ValidationHelperV1AsyncClient, -) -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import ( ValidationHelperV1Client, + transports, ) -from google.cloud.binaryauthorization_v1.services.validation_helper_v1 import transports from google.cloud.binaryauthorization_v1.types import service -from google.oauth2 import service_account -from grafeas.grafeas_v1.types import attestation # type: ignore -from grafeas.grafeas_v1.types import common # type: ignore -import google.auth def client_cert_source_callback(): diff --git a/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py b/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py index d01c71a..4d9426e 100644 --- a/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py +++ b/tests/unit/gapic/binaryauthorization_v1beta1/test_binauthz_management_service_v1_beta1.py @@ -22,38 +22,29 @@ except ImportError: # pragma: NO COVER import mock -import grpc -from grpc.experimental import aio import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers +from google.api_core import gapic_v1, grpc_helpers, grpc_helpers_async, path_template from google.api_core import client_options from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template +import google.auth from google.auth import credentials as ga_credentials from google.auth.exceptions import MutualTLSChannelError +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import grpc +from grpc.experimental import aio +from proto.marshal.rules import wrappers +from proto.marshal.rules.dates import DurationRule, TimestampRule +import pytest + from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import ( BinauthzManagementServiceV1Beta1AsyncClient, -) -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import ( BinauthzManagementServiceV1Beta1Client, -) -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import ( pagers, -) -from google.cloud.binaryauthorization_v1beta1.services.binauthz_management_service_v1_beta1 import ( transports, ) -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth +from google.cloud.binaryauthorization_v1beta1.types import resources, service def client_cert_source_callback(): diff --git a/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py b/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py index 118f909..17449a1 100644 --- a/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py +++ b/tests/unit/gapic/binaryauthorization_v1beta1/test_system_policy_v1_beta1.py @@ -22,35 +22,28 @@ except ImportError: # pragma: NO COVER import mock -import grpc -from grpc.experimental import aio import math -import pytest -from proto.marshal.rules.dates import DurationRule, TimestampRule -from proto.marshal.rules import wrappers +from google.api_core import gapic_v1, grpc_helpers, grpc_helpers_async, path_template from google.api_core import client_options from google.api_core import exceptions as core_exceptions -from google.api_core import gapic_v1 -from google.api_core import grpc_helpers -from google.api_core import grpc_helpers_async -from google.api_core import path_template +import google.auth from google.auth import credentials as ga_credentials from google.auth.exceptions import MutualTLSChannelError +from google.oauth2 import service_account +from google.protobuf import timestamp_pb2 # type: ignore +import grpc +from grpc.experimental import aio +from proto.marshal.rules import wrappers +from proto.marshal.rules.dates import DurationRule, TimestampRule +import pytest + from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import ( SystemPolicyV1Beta1AsyncClient, -) -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import ( SystemPolicyV1Beta1Client, -) -from google.cloud.binaryauthorization_v1beta1.services.system_policy_v1_beta1 import ( transports, ) -from google.cloud.binaryauthorization_v1beta1.types import resources -from google.cloud.binaryauthorization_v1beta1.types import service -from google.oauth2 import service_account -from google.protobuf import timestamp_pb2 # type: ignore -import google.auth +from google.cloud.binaryauthorization_v1beta1.types import resources, service def client_cert_source_callback(): From 96ef5e6b06bc2537ccebb083f44064da3760a410 Mon Sep 17 00:00:00 2001 From: Anthonios Partheniou Date: Mon, 21 Nov 2022 18:59:10 +0000 Subject: [PATCH 18/18] update replacement in owlbot.py --- google/cloud/binaryauthorization_v1/types/service.py | 8 ++++---- owlbot.py | 12 +++++++++--- .../test_validation_helper_v1.py | 2 +- 3 files changed, 14 insertions(+), 8 deletions(-) diff --git a/google/cloud/binaryauthorization_v1/types/service.py b/google/cloud/binaryauthorization_v1/types/service.py index 3d9873e..03c4383 100644 --- a/google/cloud/binaryauthorization_v1/types/service.py +++ b/google/cloud/binaryauthorization_v1/types/service.py @@ -15,7 +15,7 @@ # from typing import MutableMapping, MutableSequence -from grafeas.grafeas_v1.types import attestation # type: ignore +import grafeas.grafeas_v1.types # type: ignore import proto # type: ignore from google.cloud.binaryauthorization_v1.types import resources @@ -252,7 +252,7 @@ class ValidateAttestationOccurrenceRequest(proto.Message): [Attestor][google.cloud.binaryauthorization.v1.Attestor] of the [occurrence][grafeas.v1.Occurrence], in the format ``projects/*/attestors/*``. - attestation (grafeas.grafeas_v1.types.attestation.AttestationOccurrence): + attestation (grafeas.grafeas_v1.types.AttestationOccurrence): Required. An [AttestationOccurrence][grafeas.v1.AttestationOccurrence] to be checked that it can be verified by the Attestor. It does @@ -272,10 +272,10 @@ class ValidateAttestationOccurrenceRequest(proto.Message): proto.STRING, number=1, ) - attestation: attestation_pb2.AttestationOccurrence = proto.Field( + attestation: grafeas.grafeas_v1.types.AttestationOccurrence = proto.Field( proto.MESSAGE, number=2, - message=attestation.AttestationOccurrence, + message=grafeas.grafeas_v1.types.AttestationOccurrence, ) occurrence_note: str = proto.Field( proto.STRING, diff --git a/owlbot.py b/owlbot.py index 105dd3f..cf12e24 100644 --- a/owlbot.py +++ b/owlbot.py @@ -55,7 +55,7 @@ s.replace( [library / "google/**/*.py", library / "tests/**/*.py"], "from grafeas.grafeas_v1 import attestation_pb2", - "from grafeas.grafeas_v1.types import attestation", + "import grafeas.grafeas_v1.types", ) s.replace( @@ -67,13 +67,19 @@ s.replace( [library / "google/**/*.py", library / "tests/**/*.py"], "message=attestation_pb2", - "message=attestation", + "message=grafeas.grafeas_v1.types", + ) + + s.replace( + [library / "google/**/*.py", library / "tests/**/*.py"], + "attestation: attestation_pb2.AttestationOccurrence", + "attestation: grafeas.grafeas_v1.types.AttestationOccurrence", ) s.replace( [library / "google/**/*.py", library / "tests/**/*.py"], "grafeas.v1.attestation_pb2.AttestationOccurrence", - "grafeas.grafeas_v1.types.attestation.AttestationOccurrence", + "grafeas.grafeas_v1.types.AttestationOccurrence", ) s.move(library, excludes=["setup.py", "**/gapic_version.py"]) s.remove_staging_dirs() diff --git a/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py b/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py index a8be55f..5d39eef 100644 --- a/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py +++ b/tests/unit/gapic/binaryauthorization_v1/test_validation_helper_v1.py @@ -31,7 +31,7 @@ from google.auth import credentials as ga_credentials from google.auth.exceptions import MutualTLSChannelError from google.oauth2 import service_account -from grafeas.grafeas_v1.types import attestation # type: ignore +import grafeas.grafeas_v1.types # type: ignore from grafeas.grafeas_v1.types import common # type: ignore import grpc from grpc.experimental import aio